diff options
Diffstat (limited to 'test/docker/expected_results/dropbear_2019.78_test1.json')
-rw-r--r-- | test/docker/expected_results/dropbear_2019.78_test1.json | 371 |
1 files changed, 371 insertions, 0 deletions
diff --git a/test/docker/expected_results/dropbear_2019.78_test1.json b/test/docker/expected_results/dropbear_2019.78_test1.json new file mode 100644 index 0000000..55dd8b6 --- /dev/null +++ b/test/docker/expected_results/dropbear_2019.78_test1.json @@ -0,0 +1,371 @@ +{ + "additional_notes": [ + "" + ], + "banner": { + "comments": null, + "protocol": "2.0", + "raw": "SSH-2.0-dropbear_2019.78", + "software": "dropbear_2019.78" + }, + "compression": [ + "zlib@openssh.com", + "none" + ], + "cves": [], + "enc": [ + { + "algorithm": "aes128-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7, Dropbear SSH 0.52" + ] + } + }, + { + "algorithm": "aes256-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7, Dropbear SSH 0.52" + ] + } + }, + { + "algorithm": "aes128-cbc", + "notes": { + "info": [ + "available since OpenSSH 2.3.0, Dropbear SSH 0.28" + ], + "warn": [ + "using weak cipher mode" + ] + } + }, + { + "algorithm": "aes256-cbc", + "notes": { + "info": [ + "available since OpenSSH 2.3.0, Dropbear SSH 0.47" + ], + "warn": [ + "using weak cipher mode" + ] + } + }, + { + "algorithm": "3des-ctr", + "notes": { + "fail": [ + "using broken & deprecated 3DES cipher" + ], + "info": [ + "available since Dropbear SSH 0.52" + ] + } + }, + { + "algorithm": "3des-cbc", + "notes": { + "fail": [ + "using broken & deprecated 3DES cipher" + ], + "info": [ + "available since OpenSSH 1.2.2, Dropbear SSH 0.28" + ], + "warn": [ + "using weak cipher mode", + "using small 64-bit block size" + ] + } + } + ], + "fingerprints": [ + { + "hash": "CDfAU12pjQS7/91kg7gYacza0U/6PDbE04Ic3IpYxkM", + "hash_alg": "SHA256", + "hostkey": "ssh-rsa" + }, + { + "hash": "63:7f:54:f7:0a:28:7f:75:0b:f4:07:0b:fc:66:51:a2", + "hash_alg": "MD5", + "hostkey": "ssh-rsa" + } + ], + "kex": [ + { + "algorithm": "curve25519-sha256", + "notes": { + "info": [ + "default key exchange since OpenSSH 6.4", + "available since OpenSSH 7.4, Dropbear SSH 2018.76" + ] + } + }, + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": { + "info": [ + "default key exchange since OpenSSH 6.4", + "available since OpenSSH 6.4, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "diffie-hellman-group14-sha256", + "notes": { + "info": [ + "available since OpenSSH 7.3, Dropbear SSH 2016.73" + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "diffie-hellman-group14-sha1", + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm" + ], + "info": [ + "available since OpenSSH 3.9, Dropbear SSH 0.53" + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "kexguess2@matt.ucc.asn.au", + "notes": { + "info": [ + "available since Dropbear SSH 2013.57" + ] + } + } + ], + "key": [ + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62" + ], + "warn": [ + "using weak random number generator could reveal the key" + ] + } + }, + { + "algorithm": "ssh-rsa", + "keysize": 1024, + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm", + "using small 1024-bit modulus" + ], + "info": [ + "deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8", + "available since OpenSSH 2.5.0, Dropbear SSH 0.28" + ] + } + }, + { + "algorithm": "ssh-dss", + "notes": { + "fail": [ + "using small 1024-bit modulus" + ], + "info": [ + "disabled in OpenSSH 7.0: https://www.openssh.com/txt/release-7.0", + "available since OpenSSH 2.1.0, Dropbear SSH 0.28" + ], + "warn": [ + "using weak random number generator could reveal the key" + ] + } + } + ], + "mac": [ + { + "algorithm": "hmac-sha1-96", + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm" + ], + "info": [ + "available since OpenSSH 2.5.0, Dropbear SSH 0.47" + ], + "warn": [ + "using encrypt-and-MAC mode" + ] + } + }, + { + "algorithm": "hmac-sha1", + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm" + ], + "info": [ + "available since OpenSSH 2.1.0, Dropbear SSH 0.28" + ], + "warn": [ + "using encrypt-and-MAC mode" + ] + } + }, + { + "algorithm": "hmac-sha2-256", + "notes": { + "info": [ + "available since OpenSSH 5.9, Dropbear SSH 2013.56" + ], + "warn": [ + "using encrypt-and-MAC mode" + ] + } + } + ], + "recommendations": { + "critical": { + "del": { + "enc": [ + { + "name": "3des-cbc", + "notes": "" + }, + { + "name": "3des-ctr", + "notes": "" + } + ], + "kex": [ + { + "name": "diffie-hellman-group14-sha1", + "notes": "" + }, + { + "name": "ecdh-sha2-nistp256", + "notes": "" + }, + { + "name": "ecdh-sha2-nistp384", + "notes": "" + }, + { + "name": "ecdh-sha2-nistp521", + "notes": "" + } + ], + "key": [ + { + "name": "ecdsa-sha2-nistp256", + "notes": "" + }, + { + "name": "ssh-dss", + "notes": "" + }, + { + "name": "ssh-rsa", + "notes": "" + } + ], + "mac": [ + { + "name": "hmac-sha1", + "notes": "" + }, + { + "name": "hmac-sha1-96", + "notes": "" + } + ] + } + }, + "informational": { + "add": { + "enc": [ + { + "name": "twofish128-ctr", + "notes": "" + }, + { + "name": "twofish256-ctr", + "notes": "" + } + ], + "kex": [ + { + "name": "diffie-hellman-group16-sha512", + "notes": "" + } + ] + } + }, + "warning": { + "del": { + "enc": [ + { + "name": "aes128-cbc", + "notes": "" + }, + { + "name": "aes256-cbc", + "notes": "" + } + ], + "kex": [ + { + "name": "diffie-hellman-group14-sha256", + "notes": "" + } + ], + "mac": [ + { + "name": "hmac-sha2-256", + "notes": "" + } + ] + } + } + }, + "target": "localhost:2222" +} |