summaryrefslogtreecommitdiffstats
path: root/test/docker/expected_results/dropbear_2019.78_test1.json
diff options
context:
space:
mode:
Diffstat (limited to 'test/docker/expected_results/dropbear_2019.78_test1.json')
-rw-r--r--test/docker/expected_results/dropbear_2019.78_test1.json371
1 files changed, 371 insertions, 0 deletions
diff --git a/test/docker/expected_results/dropbear_2019.78_test1.json b/test/docker/expected_results/dropbear_2019.78_test1.json
new file mode 100644
index 0000000..55dd8b6
--- /dev/null
+++ b/test/docker/expected_results/dropbear_2019.78_test1.json
@@ -0,0 +1,371 @@
+{
+ "additional_notes": [
+ ""
+ ],
+ "banner": {
+ "comments": null,
+ "protocol": "2.0",
+ "raw": "SSH-2.0-dropbear_2019.78",
+ "software": "dropbear_2019.78"
+ },
+ "compression": [
+ "zlib@openssh.com",
+ "none"
+ ],
+ "cves": [],
+ "enc": [
+ {
+ "algorithm": "aes128-ctr",
+ "notes": {
+ "info": [
+ "available since OpenSSH 3.7, Dropbear SSH 0.52"
+ ]
+ }
+ },
+ {
+ "algorithm": "aes256-ctr",
+ "notes": {
+ "info": [
+ "available since OpenSSH 3.7, Dropbear SSH 0.52"
+ ]
+ }
+ },
+ {
+ "algorithm": "aes128-cbc",
+ "notes": {
+ "info": [
+ "available since OpenSSH 2.3.0, Dropbear SSH 0.28"
+ ],
+ "warn": [
+ "using weak cipher mode"
+ ]
+ }
+ },
+ {
+ "algorithm": "aes256-cbc",
+ "notes": {
+ "info": [
+ "available since OpenSSH 2.3.0, Dropbear SSH 0.47"
+ ],
+ "warn": [
+ "using weak cipher mode"
+ ]
+ }
+ },
+ {
+ "algorithm": "3des-ctr",
+ "notes": {
+ "fail": [
+ "using broken & deprecated 3DES cipher"
+ ],
+ "info": [
+ "available since Dropbear SSH 0.52"
+ ]
+ }
+ },
+ {
+ "algorithm": "3des-cbc",
+ "notes": {
+ "fail": [
+ "using broken & deprecated 3DES cipher"
+ ],
+ "info": [
+ "available since OpenSSH 1.2.2, Dropbear SSH 0.28"
+ ],
+ "warn": [
+ "using weak cipher mode",
+ "using small 64-bit block size"
+ ]
+ }
+ }
+ ],
+ "fingerprints": [
+ {
+ "hash": "CDfAU12pjQS7/91kg7gYacza0U/6PDbE04Ic3IpYxkM",
+ "hash_alg": "SHA256",
+ "hostkey": "ssh-rsa"
+ },
+ {
+ "hash": "63:7f:54:f7:0a:28:7f:75:0b:f4:07:0b:fc:66:51:a2",
+ "hash_alg": "MD5",
+ "hostkey": "ssh-rsa"
+ }
+ ],
+ "kex": [
+ {
+ "algorithm": "curve25519-sha256",
+ "notes": {
+ "info": [
+ "default key exchange since OpenSSH 6.4",
+ "available since OpenSSH 7.4, Dropbear SSH 2018.76"
+ ]
+ }
+ },
+ {
+ "algorithm": "curve25519-sha256@libssh.org",
+ "notes": {
+ "info": [
+ "default key exchange since OpenSSH 6.4",
+ "available since OpenSSH 6.4, Dropbear SSH 2013.62"
+ ]
+ }
+ },
+ {
+ "algorithm": "ecdh-sha2-nistp521",
+ "notes": {
+ "fail": [
+ "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency"
+ ],
+ "info": [
+ "available since OpenSSH 5.7, Dropbear SSH 2013.62"
+ ]
+ }
+ },
+ {
+ "algorithm": "ecdh-sha2-nistp384",
+ "notes": {
+ "fail": [
+ "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency"
+ ],
+ "info": [
+ "available since OpenSSH 5.7, Dropbear SSH 2013.62"
+ ]
+ }
+ },
+ {
+ "algorithm": "ecdh-sha2-nistp256",
+ "notes": {
+ "fail": [
+ "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency"
+ ],
+ "info": [
+ "available since OpenSSH 5.7, Dropbear SSH 2013.62"
+ ]
+ }
+ },
+ {
+ "algorithm": "diffie-hellman-group14-sha256",
+ "notes": {
+ "info": [
+ "available since OpenSSH 7.3, Dropbear SSH 2016.73"
+ ],
+ "warn": [
+ "2048-bit modulus only provides 112-bits of symmetric strength"
+ ]
+ }
+ },
+ {
+ "algorithm": "diffie-hellman-group14-sha1",
+ "notes": {
+ "fail": [
+ "using broken SHA-1 hash algorithm"
+ ],
+ "info": [
+ "available since OpenSSH 3.9, Dropbear SSH 0.53"
+ ],
+ "warn": [
+ "2048-bit modulus only provides 112-bits of symmetric strength"
+ ]
+ }
+ },
+ {
+ "algorithm": "kexguess2@matt.ucc.asn.au",
+ "notes": {
+ "info": [
+ "available since Dropbear SSH 2013.57"
+ ]
+ }
+ }
+ ],
+ "key": [
+ {
+ "algorithm": "ecdsa-sha2-nistp256",
+ "notes": {
+ "fail": [
+ "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency"
+ ],
+ "info": [
+ "available since OpenSSH 5.7, Dropbear SSH 2013.62"
+ ],
+ "warn": [
+ "using weak random number generator could reveal the key"
+ ]
+ }
+ },
+ {
+ "algorithm": "ssh-rsa",
+ "keysize": 1024,
+ "notes": {
+ "fail": [
+ "using broken SHA-1 hash algorithm",
+ "using small 1024-bit modulus"
+ ],
+ "info": [
+ "deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8",
+ "available since OpenSSH 2.5.0, Dropbear SSH 0.28"
+ ]
+ }
+ },
+ {
+ "algorithm": "ssh-dss",
+ "notes": {
+ "fail": [
+ "using small 1024-bit modulus"
+ ],
+ "info": [
+ "disabled in OpenSSH 7.0: https://www.openssh.com/txt/release-7.0",
+ "available since OpenSSH 2.1.0, Dropbear SSH 0.28"
+ ],
+ "warn": [
+ "using weak random number generator could reveal the key"
+ ]
+ }
+ }
+ ],
+ "mac": [
+ {
+ "algorithm": "hmac-sha1-96",
+ "notes": {
+ "fail": [
+ "using broken SHA-1 hash algorithm"
+ ],
+ "info": [
+ "available since OpenSSH 2.5.0, Dropbear SSH 0.47"
+ ],
+ "warn": [
+ "using encrypt-and-MAC mode"
+ ]
+ }
+ },
+ {
+ "algorithm": "hmac-sha1",
+ "notes": {
+ "fail": [
+ "using broken SHA-1 hash algorithm"
+ ],
+ "info": [
+ "available since OpenSSH 2.1.0, Dropbear SSH 0.28"
+ ],
+ "warn": [
+ "using encrypt-and-MAC mode"
+ ]
+ }
+ },
+ {
+ "algorithm": "hmac-sha2-256",
+ "notes": {
+ "info": [
+ "available since OpenSSH 5.9, Dropbear SSH 2013.56"
+ ],
+ "warn": [
+ "using encrypt-and-MAC mode"
+ ]
+ }
+ }
+ ],
+ "recommendations": {
+ "critical": {
+ "del": {
+ "enc": [
+ {
+ "name": "3des-cbc",
+ "notes": ""
+ },
+ {
+ "name": "3des-ctr",
+ "notes": ""
+ }
+ ],
+ "kex": [
+ {
+ "name": "diffie-hellman-group14-sha1",
+ "notes": ""
+ },
+ {
+ "name": "ecdh-sha2-nistp256",
+ "notes": ""
+ },
+ {
+ "name": "ecdh-sha2-nistp384",
+ "notes": ""
+ },
+ {
+ "name": "ecdh-sha2-nistp521",
+ "notes": ""
+ }
+ ],
+ "key": [
+ {
+ "name": "ecdsa-sha2-nistp256",
+ "notes": ""
+ },
+ {
+ "name": "ssh-dss",
+ "notes": ""
+ },
+ {
+ "name": "ssh-rsa",
+ "notes": ""
+ }
+ ],
+ "mac": [
+ {
+ "name": "hmac-sha1",
+ "notes": ""
+ },
+ {
+ "name": "hmac-sha1-96",
+ "notes": ""
+ }
+ ]
+ }
+ },
+ "informational": {
+ "add": {
+ "enc": [
+ {
+ "name": "twofish128-ctr",
+ "notes": ""
+ },
+ {
+ "name": "twofish256-ctr",
+ "notes": ""
+ }
+ ],
+ "kex": [
+ {
+ "name": "diffie-hellman-group16-sha512",
+ "notes": ""
+ }
+ ]
+ }
+ },
+ "warning": {
+ "del": {
+ "enc": [
+ {
+ "name": "aes128-cbc",
+ "notes": ""
+ },
+ {
+ "name": "aes256-cbc",
+ "notes": ""
+ }
+ ],
+ "kex": [
+ {
+ "name": "diffie-hellman-group14-sha256",
+ "notes": ""
+ }
+ ],
+ "mac": [
+ {
+ "name": "hmac-sha2-256",
+ "notes": ""
+ }
+ ]
+ }
+ }
+ },
+ "target": "localhost:2222"
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-07 10:20:22 +0000