Skip to content

Commit

Permalink
Added built-in policy for OpenSSH 9.8.
Browse files Browse the repository at this point in the history
  • Loading branch information
@jtesta
jtesta committed Jul 3, 2024
1 parent dcbc43a commit e42961f
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,7 +214,7 @@ For convenience, a web front-end on top of the command-line tool is available at
## ChangeLog

### v3.3.0-dev (???)
- Added built-in policies for Ubuntu 24.04 LTS server and client.
- Added built-in policies for Ubuntu 24.04 LTS server and client, and OpenSSH 9.8.
- Added IPv6 support for DHEat and connection rate tests.
- Fixed crash when running with `-P` and `-T` options simultaneously.

Expand Down
2 changes: 2 additions & 0 deletions src/ssh_audit/builtin_policies.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,8 @@

'Hardened OpenSSH Server v9.7 (version 1)': {'version': '1', 'changelog': 'Initial version.', 'banner': None, 'compressions': None, 'host_keys': ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-ed25519'], 'optional_host_keys': ['[email protected]', '[email protected]', '[email protected]', '[email protected]', '[email protected]'], 'kex': ['[email protected]', 'curve25519-sha256', '[email protected]', 'diffie-hellman-group16-sha512', 'diffie-hellman-group18-sha512', 'diffie-hellman-group-exchange-sha256', 'ext-info-s', '[email protected]'], 'ciphers': ['[email protected]', '[email protected]', '[email protected]', 'aes256-ctr', 'aes192-ctr', 'aes128-ctr'], 'macs': ['[email protected]', '[email protected]', '[email protected]'], 'hostkey_sizes': {"rsa-sha2-256": {"hostkey_size": 4096}, "[email protected]": {"ca_key_size": 4096, "ca_key_type": "ssh-rsa", "hostkey_size": 4096}, "rsa-sha2-512": {"hostkey_size": 4096}, "[email protected]": {"ca_key_size": 4096, "ca_key_type": "ssh-rsa", "hostkey_size": 4096}, "[email protected]": {"ca_key_size": 256, "ca_key_type": "ssh-ed25519", "hostkey_size": 256}, "[email protected]": {"hostkey_size": 256}, "ssh-ed25519": {"hostkey_size": 256}, "[email protected]": {"ca_key_size": 256, "ca_key_type": "ssh-ed25519", "hostkey_size": 256}}, 'dh_modulus_sizes': {'diffie-hellman-group-exchange-sha256': 3072}, 'server_policy': True},

'Hardened OpenSSH Server v9.8 (version 1)': {'version': '1', 'changelog': 'Initial version.', 'banner': None, 'compressions': None, 'host_keys': ['rsa-sha2-512', 'rsa-sha2-256', 'ssh-ed25519'], 'optional_host_keys': ['[email protected]', '[email protected]', '[email protected]', '[email protected]', '[email protected]'], 'kex': ['[email protected]', 'curve25519-sha256', '[email protected]', 'diffie-hellman-group16-sha512', 'diffie-hellman-group18-sha512', 'diffie-hellman-group-exchange-sha256', 'ext-info-s', '[email protected]'], 'ciphers': ['[email protected]', '[email protected]', '[email protected]', 'aes256-ctr', 'aes192-ctr', 'aes128-ctr'], 'macs': ['[email protected]', '[email protected]', '[email protected]'], 'hostkey_sizes': {"rsa-sha2-256": {"hostkey_size": 4096}, "[email protected]": {"ca_key_size": 4096, "ca_key_type": "ssh-rsa", "hostkey_size": 4096}, "rsa-sha2-512": {"hostkey_size": 4096}, "[email protected]": {"ca_key_size": 4096, "ca_key_type": "ssh-rsa", "hostkey_size": 4096}, "[email protected]": {"ca_key_size": 256, "ca_key_type": "ssh-ed25519", "hostkey_size": 256}, "[email protected]": {"hostkey_size": 256}, "ssh-ed25519": {"hostkey_size": 256}, "[email protected]": {"ca_key_size": 256, "ca_key_type": "ssh-ed25519", "hostkey_size": 256}}, 'dh_modulus_sizes': {'diffie-hellman-group-exchange-sha256': 3072}, 'server_policy': True},


# Amazon Linux Policies

Expand Down

0 comments on commit e42961f

Please sign in to comment.