You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When scanning a remote server, only the sha256 fingerprints are shown.
It would make sense, to calculate the fingerprint with different hash algorithms, because not every client uses a sha256 hash for fingerprint calculation.
Following hash algorithms should be used:
MD5 (deprecated but there are still clients which are using MD5)
SHA512 (rarely used but some clients exist which are using SHA512 fingerprints)
I know those algorithms are not common, but as long as some clients are using those, ssh-audit should calculate the fingerprints.
The text was updated successfully, but these errors were encountered:
@hmaier1996 : as @thecliguy mentioned, you can still get the MD5 hash with the -v / --verbose flag. It is intentionally hidden by default since MD5 hashes are insecure for the use case of authenticating the server.
What clients show SHA512 by default? At the moment, I'd rather not clutter up the UI to accommodate special cases, but I wouldn't mind adding SHA512 hashes to verbose output.
When scanning a remote server, only the sha256 fingerprints are shown.
It would make sense, to calculate the fingerprint with different hash algorithms, because not every client uses a sha256 hash for fingerprint calculation.
Following hash algorithms should be used:
I know those algorithms are not common, but as long as some clients are using those, ssh-audit should calculate the fingerprints.
The text was updated successfully, but these errors were encountered: