jtesta / ssh-audit

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
MIT License

XMSS Keys Not Recognized #146

Closed bsweeney-gingerio closed 2 years ago

bsweeney-gingerio commented 2 years ago
# general
(gen) client IP: 127.0.0.1
(gen) banner: SSH-2.0-OpenSSH_9.0p1-hpn15v2
(gen) software: OpenSSH 9.0p1 (-hpn15v2)
(gen) compression: enabled (zlib@openssh.com, zlib)

# key exchange algorithms
(kex) sntrup761x25519-sha512@openssh.com    -- [info] available since OpenSSH 8.5
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group14-sha256         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group-exchange-sha256  -- [info] available since OpenSSH 4.4
(kex) ext-info-c

# host-key algorithms
(key) sk-ssh-ed25519-cert-v01@openssh.com   -- [info] available since OpenSSH 8.2
(key) sk-ssh-ed25519@openssh.com            -- [info] available since OpenSSH 8.2
(key) ssh-xmss-cert-v01@openssh.com         -- [warn] unknown algorithm
(key) ssh-xmss@openssh.com                  -- [warn] unknown algorithm
(key) ssh-ed25519-cert-v01@openssh.com      -- [info] available since OpenSSH 6.5
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5
(key) rsa-sha2-512-cert-v01@openssh.com     -- [info] available since OpenSSH 7.8
(key) rsa-sha2-256-cert-v01@openssh.com     -- [info] available since OpenSSH 7.8
(key) rsa-sha2-512                          -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256                          -- [info] available since OpenSSH 7.2

# encryption algorithms (ciphers)
(enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                            `- [info] default cipher since OpenSSH 6.9.
(enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52

# message authentication code algorithms
(mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
(mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2

!!! WARNING: unknown algorithm(s) found!: ssh-xmss-cert-v01@openssh.com,ssh-xmss@openssh.com.  Please email the full output above to the maintainer (jtesta@positronsecurity.com), or create a Github issue at <https://github.com/jtesta/ssh-audit/issues>.

# ssh-audit v2.6.0, https://github.com/jtesta/ssh-audit
commit eb4ae65b0a42e32772f829515e1d65a9eb0490c2 (HEAD -> local, origin/master, origin/HEAD, master)
Author: thecliguy <adam@thecliguy.co.uk>
Date:   Sun Mar 27 16:17:27 2022 +0100
    Usage now includes '-g' and '--gex-test' parameters

$ ssh -Q key
ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
sk-ssh-ed25519@openssh.com
sk-ssh-ed25519-cert-v01@openssh.com
ssh-xmss@openssh.com
ssh-xmss-cert-v01@openssh.com
ssh-rsa
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
sk-ecdsa-sha2-nistp256@openssh.com
ssh-rsa-cert-v01@openssh.com
ssh-dss-cert-v01@openssh.com
ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521-cert-v01@openssh.com
sk-ecdsa-sha2-nistp256-cert-v01@openssh.com

XMSS is a candidate quantum-safe signature algorithm that is still considered experimental in OpenSSH and is gated behind a compile-time flag. It was added in OpenSSH 7.6.
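
For triaging a report like the one above, the following added example (not part of the issue and not ssh-audit's own code) parses the text report format shown, including the continuation-note lines, and checks which `unknown algorithm` entries the local OpenSSH build lists in `ssh -Q key`. The sample inputs are constructed from lines in the post, and the function names are hypothetical.

```python
import re

# Constructed sample: a few lines in the report format shown in the issue above.
SAMPLE_REPORT = """\
# host-key algorithms
(key) sk-ssh-ed25519@openssh.com            -- [info] available since OpenSSH 8.2
(key) ssh-xmss-cert-v01@openssh.com         -- [warn] unknown algorithm
(key) ssh-xmss@openssh.com                  -- [warn] unknown algorithm
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
                                            `- [info] default cipher since OpenSSH 6.9.
(kex) ext-info-c
"""

# Constructed sample of `ssh -Q key` output from the same host.
SAMPLE_SSH_Q = "ssh-ed25519\nssh-xmss@openssh.com\nssh-xmss-cert-v01@openssh.com\nssh-rsa\n"

# "(kind) algorithm" optionally followed by "-- [level] note".
ENTRY = re.compile(r"^\((?P<kind>\w+)\)\s+(?P<alg>\S+)(?:\s+-- \[(?P<level>\w+)\] (?P<note>.*))?$")
# Indented "`- [level] note" line that adds a note to the previous algorithm.
CONT = re.compile(r"^\s+`- \[(?P<level>\w+)\] (?P<note>.*)$")

def parse_report(text):
    """Return one dict per algorithm line: kind, alg, notes=[(level, note), ...]."""
    entries = []
    for line in text.splitlines():
        line = line.rstrip()
        m = ENTRY.match(line)
        if m:
            notes = [(m["level"], m["note"])] if m["level"] else []
            entries.append({"kind": m["kind"], "alg": m["alg"], "notes": notes})
            continue
        c = CONT.match(line)
        if c and entries:  # continuation note belongs to the previous algorithm
            entries[-1]["notes"].append((c["level"], c["note"]))
    return entries

def unknown_algorithms(entries):
    """Algorithms the report flagged with '[warn] unknown algorithm'."""
    return [e["alg"] for e in entries if ("warn", "unknown algorithm") in e["notes"]]

def triage(report, ssh_q_output):
    """Split unknowns into (listed by local OpenSSH build, not listed)."""
    local = set(ssh_q_output.split())
    unknown = unknown_algorithms(parse_report(report))
    return ([a for a in unknown if a in local], [a for a in unknown if a not in local])

if __name__ == "__main__":
    print(triage(SAMPLE_REPORT, SAMPLE_SSH_Q))
```

An unknown algorithm that the local build also lists points to a gap in the auditing tool's database, as in this report; one that the build does not list is worth checking against the peer's software before anything else.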

jtesta commented 2 years ago

Thanks for reporting this, @bsweeney-gingerio! I've checked these into the master branch.