-
-
Notifications
You must be signed in to change notification settings - Fork 176
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix detection of GSS algorithms #230
Comments
I have an example of this with putty, find the output attached. NB: this putty has custom algorithm order.
|
@ecki : thanks for posting this. This shows that the GSS parsing seems to be working--at least for client audits. I should still double-check that server audits still parse them correctly, though. Also, I see that PuTTY supports an algorithm that ssh-audit doesn't know about: Thanks again! |
You also might want to add the version info for curve448-sha512 (I assume it was introduced in openssh together with the curve25519-sha256 but not sure - how do you find those, try/review source?) and
Is default since 9.0 in openssh |
I don't believe that was added to OpenSSH, since they don't support Curve448 at all (unfortunately).
I get version info from the OpenSSH release notes. And I get info about new algorithms mainly from the debugging logs from the ssh-audit.com web front-end (people scan all kinds of exotic SSH servers...).
Thanks for the tip! Fixed in: 7b3402b |
Closing this issue, since additional testing showed that the GSS algorithms are indeed being parsed correctly. |
The following key exchanges are perhaps not detected properly:
The text was updated successfully, but these errors were encountered: