mailing list archives
NSE Idea: Script to show SSHD host fingerprints
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Thu, 15 May 2008 20:27:26 +0000
-----BEGIN PGP SIGNED MESSAGE-----
With the recent Debian OpenSSL/SSH PRNG seeding flaw affecting a bunch
of Debian derived boxes, we have a need to enumerate SSH host key
fingerprints. I'm looking at tools or ways to scripting this for our
campus but I'm sure there are thousands of other people in the same
situation we're in.
It occurs to me that NSE is probably a good tool for the job. If we
had a script to print SSH fingerprints (preferably SSH v1 and v2) it
would really be valuable to many people.
I haven't looked extensively into this and I don't know how hard it
would be in NSE without any crypto/math libraries but if someone here
does have the time to put into researching and possibly writing the
script it would be much appreciated.
OpenSSH comes with ssh-keyscan which means I'll be able to hack
something together. Having the fingerprint functionality built into a
NSE script would be really awesome though.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
-----END PGP SIGNATURE-----
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
- NSE Idea: Script to show SSHD host fingerprints Brandon Enright (May 15)