https://github.com/sio/weak-ssh-keygen

Scared by DSA-1571-1?
https://github.com/sio/weak-ssh-keygen

Last synced: 24 days ago
JSON representation

Scared by DSA-1571-1?

• Host: GitHub
• URL: https://github.com/sio/weak-ssh-keygen
• Owner: sio
• Created: 2024-04-09T13:55:54.000Z (about 1 year ago)
• Default Branch: master
• Last Pushed: 2024-04-10T10:45:07.000Z (about 1 year ago)
• Last Synced: 2024-04-10T20:15:21.891Z (about 1 year ago)
• Language: Go
• Homepage:
• Size: 19.5 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Generate ssh keys in a loop and check their uniqueness

This is a safeguard against a repeat of

[DSA-1571-1](https://security-tracker.debian.org/tracker/DSA-1571-1).

Good writeup by Matt Palmer:

[How I Tripped Over the Debian Weak Keys Vulnerability](https://www.hezmatt.org/~mpalmer/blog/2024/04/09/how-i-tripped-over-the-debian-weak-keys-vuln.html)

Author uses only ed25519; other key algorithms are not tested.

## License and copyright

Copyright 2024 Vitaly Potyarkin

```

   Licensed under the Apache License, Version 2.0 (the "License");

   you may not use this file except in compliance with the License.

   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software

   distributed under the License is distributed on an "AS IS" BASIS,

   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

   See the License for the specific language governing permissions and

   limitations under the License.

```