Comments (4)
Yes! I had been meaning to add this, but I wasn't aware there was a source of leaked keys I could use as an initial test.
It should be fairly easy to add, I think I can just treat them as passwords internally.
from ssh-auditor.
I have an initial support for this in 2617592
You have to add a key using something like this
ssh-auditor cred add -- test "$(cat testing/docker/alpine-sshd-test-key/test.key)"
The output of various commands isn't pretty, but it works. Probably the downside of re-using 'password' to mean 'password or key'
Looks like I can easily add support for importing directly from a checkout of https://github.com/rapid7/ssh-badkeys/tree/master/authorized, I just need to loop over the directory and grab the 'user' field from the yaml and the key from the .key file. I'm not sure if this is best done inside ssh-auditor or in a standalone script.... I already support bulk importing via json or csv... something like this
from __future__ import print_function
import glob
import yaml
import json
keys = []
for fn in glob.glob("*.yml"):
keyfile = fn.replace(".yml", ".key")
with open(fn) as f:
metadata = yaml.safe_load(f)
user = metadata[":user"]
with open(keyfile) as f:
key = f.read()
keys.append({
"User": user,
"Password": key,
})
for cred in keys:
print(json.dumps(cred))
used like
ssh-badkeys/authorized$ python export.py | ssh-auditor cred import json
from ssh-auditor.
Would be very cool to see ssh key support on this awesome tool. If there could be an argument like "-key /path/to/keys/id_rsa".
Also posting a reply here to be kept in the loop if there is development :)
Thanks
from ssh-auditor.
@syrius01 Initial ssh key support is implemented now in 0.15. The UX could be better though, right now you need to do this to load a key into the database:
ssh-auditor cred add -- root "$(cat /path/to/keys/id_rsa)"
from ssh-auditor.
Related Issues (9)
- Scan false negative HOT 5
- Unable to clear hosts that went offline before being fixed
- Add credential import/export commands HOT 1
- Reset Credential Interval HOT 3
- the link has losed when make static HOT 1
- Ability to discover using list of ips instead of cidr ranges HOT 4
- Blank password HOT 3
- AddCredential doesn't update existing scan_intervals
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh-auditor.