Nmap Development mailing list archives
Re: [NSE script] SSH weak hostkey
From: Sven Klemm <sven () c3d2 de>
Date: Tue, 09 Sep 2008 14:49:07 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Brandon Enright wrote: | I think the trouble with a service like this is that it by necessity | reveals weak keys semi-publicly. This makes me nervous for the DNS | check against DNS-OARC (and I trust them) but it makes me _really_ | nervous for something like weak SSH keys. I agree with Brandon. I think people interested in this script will probably prefer downloading the list with the weak key fingerprints instead of using a webservice to check keys. Most linux distributions probably have packages with those lists. http://packages.debian.org/sid/openssh-blacklist http://packages.debian.org/sid/openssh-blacklist-extra Cheers, Sven - -- Sven Klemm http://cthulhu.c3d2.de/~sven/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjGcMMACgkQevlgTHEIT4Z2pwCfRai4KCn6fLQKCiRUEkxs9kwX YTQAn0JAo44o85rBlqOE7I9o92CuqujP =UZ9P -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE script] SSH weak hostkey Sven Klemm (Aug 17)
- Re: [NSE script] SSH weak hostkey Fyodor (Sep 03)
- Re: [NSE script] SSH weak hostkey Arturo 'Buanzo' Busleiman (Sep 08)
- Re: [NSE script] SSH weak hostkey Arturo 'Buanzo' Busleiman (Sep 08)
- Re: [NSE script] SSH weak hostkey Brandon Enright (Sep 08)
- Re: [NSE script] SSH weak hostkey Arturo 'Buanzo' Busleiman (Sep 08)
- Re: [NSE script] SSH weak hostkey Sven Klemm (Sep 09)
- Re: [NSE script] SSH weak hostkey Arturo 'Buanzo' Busleiman (Sep 08)
- Re: [NSE script] SSH weak hostkey Fyodor (Sep 03)