mozilla / ssh_scan

DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)
Mozilla Public License 2.0

Add SSHFP DNS support #489

Closed claudijd closed 5 years ago

claudijd commented 5 years ago

This was requested in #476, seems pretty doable.

claudijd commented 5 years ago

Example:

$ dig myserverplace.de any +multiline +noall +answer
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.8.3-P1 <<>> myserverplace.de any +multiline +noall +answer
;; global options: +cmd
myserverplace.de. 10799 IN SSHFP 4 1 (
                  69AC080CCF6CD52F4788373BD4DCA21731E69713 )
myserverplace.de. 10799 IN SSHFP 3 1 (
                  7C4B9B9105D6A0D7AACF44534A7800FC10466683 )
myserverplace.de. 10799 IN SSHFP 3 2 (
                  CB6493B10E1103FF1DBAB86989CFA96FA52370AC33EF
                  E6D468A5F70B8D323869 )
myserverplace.de. 10799 IN SSHFP 4 2 (
                  7CAE4FF942899F8E155BFC675E72E4146A1BF4107977
                  FE73C6CFFA8F3FDA8FC3 )
myserverplace.de. 10799 IN MX 5 mail.myserverplace.de.
myserverplace.de. 10799 IN TXT "v=spf1 include:_spf.myserverplace.de -all"
myserverplace.de. 10799 IN TXT "amazonses:1mc44l2MFDKlC+pyrstskCYZP+2r6KgPO2f0q9z0a+s="
myserverplace.de. 10799 IN TXT "amazonses:HbabkSgUn73qj2xxL+9HHUV6iM+y4se9Np0wMIl/8fg="
myserverplace.de. 10799 IN TXT "google-site-verification=-Q7-2FWbMKok9Q9Y-cuWE3o3Jf87NyK1woUskMsLkGo"
myserverplace.de. 10799 IN NS ns1.myserverplace.de.
myserverplace.de. 10799 IN NS ns1.first-ns.de.
myserverplace.de. 10799 IN NS robotns3.second-ns.com.
myserverplace.de. 10799 IN NS ns2.myserverplace.de.
myserverplace.de. 10799 IN NS robotns2.second-ns.de.
myserverplace.de. 10799 IN A 138.201.6.164
myserverplace.de. 10799 IN SOA ns1.myserverplace.de. admin.myserverplace.de. (
                  2018113001 ; serial
                  10800      ; refresh (3 hours)
                  3600       ; retry (1 hour)
                  1209600    ; expire (2 weeks)
                  10800      ; minimum (3 hours)
                  )
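
A sketch of the check this feature implies, added here as an example and not taken from ssh_scan's code: parse SSHFP records out of dig output like the above, hash a host's public key blob with SHA-1 and SHA-256, and report whether the published fingerprints agree. All function and constant names are hypothetical, the sample key is constructed (not a real host key), and requiring every published record for the algorithm to match is an assumed policy.

```ruby
require "digest"

# SSHFP numbers: key algorithm (RFC 4255, 6594, 7479) and fingerprint type (1, 2).
ALGO_BY_KEYTYPE = { /\Assh-rsa\z/ => 1, /\Assh-dss\z/ => 2,
                    /\Aecdsa-sha2-/ => 3, /\Assh-ed25519\z/ => 4 }.freeze
DIGEST_BY_FPTYPE = { 1 => Digest::SHA1, 2 => Digest::SHA256 }.freeze

# Matches both the one-line form and dig's "+multiline" parenthesised form.
SSHFP_RE = /^(\S+)\s+\d+\s+IN\s+SSHFP\s+(\d+)\s+(\d+)\s+(?:\(([^)]*)\)|([0-9A-Fa-f \t]+))/

def parse_sshfp(dig_text)
  dig_text.scan(SSHFP_RE).map do |name, algo, fptype, multi, single|
    { name: name, algo: algo.to_i, fptype: fptype.to_i,
      fp: (multi || single).gsub(/\s+/, "").downcase }
  end
end

def algo_number(keytype)
  ALGO_BY_KEYTYPE.find { |re, _| keytype =~ re }&.last
end

# Records a host should publish for one "type base64 [comment]" public key line.
def expected_sshfp(pubkey_line)
  keytype, b64 = pubkey_line.split
  blob = b64.unpack1("m") # the fingerprint covers the raw key blob
  DIGEST_BY_FPTYPE.map do |fptype, digest|
    { algo: algo_number(keytype), fptype: fptype, fp: digest.hexdigest(blob) }
  end
end

# Returns :match, :mismatch, or :no_record (nothing published for this key algorithm).
# Assumed policy: every published record for the algorithm must match.
def check_host_key(pubkey_line, records)
  want = expected_sshfp(pubkey_line)
  seen = records.select { |r| r[:algo] == want.first[:algo] && DIGEST_BY_FPTYPE.key?(r[:fptype]) }
  return :no_record if seen.empty?
  seen.all? { |r| want.any? { |w| w[:fptype] == r[:fptype] && w[:fp] == r[:fp] } } ? :match : :mismatch
end

# Constructed sample: a fake ed25519 key blob (32 bytes of 0x01).
SAMPLE_KEY = "ssh-ed25519 " + [[11].pack("N") + "ssh-ed25519" + [32].pack("N") + "\x01" * 32].pack("m0")

# Constructed dig-style answer for the sample key, in the multiline layout.
def sample_dig_output(key_line = SAMPLE_KEY)
  expected_sshfp(key_line).map do |r|
    "host.example. 10799 IN SSHFP #{r[:algo]} #{r[:fptype]} (\n\t#{r[:fp].upcase.scan(/.{1,44}/).join("\n\t")} )\n"
  end.join
end

puts check_host_key(SAMPLE_KEY, parse_sshfp(sample_dig_output))
```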