Skip to content

rapid7/ssh-badkeys

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
January 24, 2019 15:00
January 21, 2015 15:25
October 15, 2015 11:39

SSH Bad Keys

This is a collection of static SSH keys (host and authentication) that have made their way into software and hardware products. This was inspired by the Little Black Box project, but focused primarily on SSH (as opposed to TLS) keys.

Keys are split into two categories; authorized keys and host keys. The authorized keys can be used to gain access to a device with this public key. The host keys can be used to conduct a MITM attack against the device, but do not provide direct access.

This collection depends on submissions from researchers to stay relevant. If you are aware of a static key (host or authorized), please open an Issue or submit a Pull Request. The Issues list also contains a wishlist of known bad keys that we would like to include.

For additional key types and a broader scope, take a look at the Kompromat project.

About

A collection of static SSH keys (public and private) that have made their way into software and hardware products.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published