Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/rapid7/ssh-badkeys
A collection of static SSH keys (public and private) that have made their way into software and hardware products.
https://github.com/rapid7/ssh-badkeys
Last synced: 3 months ago
JSON representation
A collection of static SSH keys (public and private) that have made their way into software and hardware products.
- Host: GitHub
- URL: https://github.com/rapid7/ssh-badkeys
- Owner: rapid7
- License: mit
- Created: 2015-01-21T21:25:45.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2024-01-02T17:59:04.000Z (10 months ago)
- Last Synced: 2024-04-11T16:32:38.703Z (7 months ago)
- Size: 84 KB
- Stars: 813
- Watchers: 127
- Forks: 117
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-security-collection - **564**星
README
# SSH Bad Keys
This is a collection of static SSH keys (host and authentication) that have made their way into software and hardware products. This was inspired by the [Little Black Box](https://code.google.com/p/littleblackbox/) project, but focused primarily on SSH (as opposed to TLS) keys.
Keys are split into two categories; authorized keys and host keys. The authorized keys can be used to gain access to a device with this public key. The host keys can be used to conduct a MITM attack against the device, but do not provide direct access.
This collection depends on submissions from researchers to stay relevant. If you are aware of a static key (host or authorized), please open an [Issue](https://github.com/rapid7/ssh-badkeys/issues) or submit a Pull Request. The [Issues](https://github.com/rapid7/ssh-badkeys/issues) list also contains a wishlist of known bad keys that we would like to include.
For additional key types and a broader scope, take a look at the [Kompromat](https://github.com/BenBE/kompromat) project.