ssh_scan 0.0.39 → 0.0.44

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 913c588395b88fe25aae08930d7ef15984f75eab0c6976ef868d9c6fbe062f1c
-  data.tar.gz: '0166380a16b6e1f380e4af64d610440bf668b6741985f320fbe6e1dc916cf55f'
+  metadata.gz: 6174ee5e2ad23ab2ba83ecb51af937fba17db13e8dba7590ccf4b2cdb93c9aa5
+  data.tar.gz: dbad23e44d2f0b06625a8ae62eae20e7a7bc94a0aecadf01d143e0c9c1d4d373
 SHA512:
-  metadata.gz: 072a07a4d37cf493a5f295e757cd6b330ceeae98b3dd989500a27df4faa6be29def8ff5e6f48ece3b0784e80571b4bfbb873b6fbdb4900c2f1deb66f7c9b5666
-  data.tar.gz: 7b8c97061c7a57b30c8d77544abe8626209196a55808a990f3dc28dc8e6f1fdf94fd1dad73853a0adc98a8b8cccfdd42d3303e3d3a92478fe9ff34eca186315f
+  metadata.gz: 1acd0b7879e43c38b9ff19487a7a4c4c8e6bb1598a27977dfb13d1c9559d5a222d7cf1a2762325deb29536ce055f6295cbc49382f858f9211639d1de5b0891e9
+  data.tar.gz: 0e880c12f64ece3ba79880f880ff7b7e1fa5b916636518b373bf40985ea4f7be3a3dfca0da9fd1d974364ca26bf8ef52dda798a9357b40f2dc896520cc0ef9b2

data/.travis.yml

@@ -11,37 +11,44 @@ matrix:
       - LABEL=unit_tests
     after_success:
       - coveralls
-  - rvm: 2.5.1
+  - rvm: 2.6.7
     env:
       - LABEL=unit_tests
-  - rvm: 2.4.4
+  - rvm: 2.7.3
     env:
       - LABEL=unit_tests
-  - rvm: 2.3.6
+  - rvm: 3.0.1
     env:
       - LABEL=unit_tests
-  - rvm: 2.5.1
+  - rvm: 2.6.7
     env:
       - LABEL=gem_integration_tests
     script:
       - gem install ssh_scan
       - chmod 755 ./spec/ssh_scan/integration.sh
       - ./spec/ssh_scan/integration.sh
-  - rvm: 2.4.4
+  - rvm: 2.7.3
     env:
       - LABEL=gem_integration_tests
     script:
       - gem install ssh_scan
       - chmod 755 ./spec/ssh_scan/integration.sh
       - ./spec/ssh_scan/integration.sh
-  - rvm: 2.5.0
+  - rvm: 3.0.1
+    env:
+      - LABEL=gem_integration_tests
+    script:
+      - gem install ssh_scan
+      - chmod 755 ./spec/ssh_scan/integration.sh
+      - ./spec/ssh_scan/integration.sh
+  - rvm: 2.7.3
     env:
       - LABEL=src_integration_tests
     script:
       - bundle install
       - chmod 755 ./spec/ssh_scan/integration.sh
       - ./spec/ssh_scan/integration.sh
-  - rvm: 2.5.0
+  - rvm: 3.0.1
     env:
       - LABEL=docker_integration_tests
     services:
@@ -49,7 +56,7 @@ matrix:
     script:
       - docker build -t mozilla/ssh_scan .
       - docker run -it mozilla/ssh_scan /app/spec/ssh_scan/integration.sh
-  - rvm: 2.5.0
+  - rvm: 3.0.1
     env:
       - LABEL=docker_build_and_push
     services:

data/CONTRIBUTING.md

@@ -27,9 +27,9 @@ inclusion, but sending a pull request is much more awesome.
 
 If you want your pull requests to be accepted, please follow the following guidelines:
 
-- [**Add tests!**](http://rspec.info/) Your patch won't be accepted (or will be delayed) if it doesn't have tests.
+- [**Add tests!**](https://rspec.info/) Your patch won't be accepted (or will be delayed) if it doesn't have tests.
 
-- [**Document any change in behaviour**](http://yardoc.org/) Make sure the README and any other
+- [**Document any change in behaviour**](https://yardoc.org/) Make sure the README and any other
   relevant documentation are kept up-to-date.
 
 - [**Create topic branches**](https://github.com/dchelimsky/rspec/wiki/Topic-Branches) Don't ask us to pull from your master branch.
@@ -37,7 +37,7 @@ If you want your pull requests to be accepted, please follow the following guide
 - [**One pull request per feature**](https://help.github.com/articles/using-pull-requests) If you want to do more than one thing, send
   multiple pull requests.
 
-- [**Send coherent history**](http://stackoverflow.com/questions/6934752/git-combining-multiple-commits-before-pushing) Make sure each individual commit in your pull
+- [**Send coherent history**](https://stackoverflow.com/questions/6934752/git-combining-multiple-commits-before-pushing) Make sure each individual commit in your pull
   request is meaningful. If you had to make multiple intermediate commits while
   developing, please squash them before sending them to us.
 

data/README.md

@@ -9,7 +9,7 @@ A SSH configuration and policy scanner
 
 ## Key Benefits
 
-- **Minimal Dependancies** - Uses native Ruby and BinData to do its work, no heavy dependancies.
+- **Minimal Dependencies** - Uses native Ruby and BinData to do its work, no heavy dependencies.
 - **Not Just a Script** - Implementation is portable for use in another project or for automation of tasks.
 - **Simple** - Just point `ssh_scan` at an SSH service and get a JSON report of what it supports and its policy status.
 - **Configurable** - Make your own custom policies that fit your unique policy requirements.
@@ -27,7 +27,7 @@ To run from a docker container, type:
 
 ```bash
 docker pull mozilla/ssh_scan
-docker run -it mozilla/ssh_scan /app/bin/ssh_scan -t sshscan.rubidus.com
+docker run -it mozilla/ssh_scan -t sshscan.rubidus.com
 ```
 
 To install and run from source, type:
@@ -83,13 +83,12 @@ Examples:
   ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml
 ```
 
-- See here for [example video](https://asciinema.org/a/7pliiw5zqhj7eqvz7q437u6vx)
 - See here for [example output](https://github.com/mozilla/ssh_scan/blob/master/examples/192.168.1.1.json)
 - See here for [example policies](https://github.com/mozilla/ssh_scan/blob/master/config/policies)
 
 ## ssh_scan as a service/api?
 
-This project is soley for ssh_scan engine/command-line usage.
+This project is solely for ssh_scan engine/command-line usage.
 
 If you would like to run ssh_scan as a service, please refer to [the ssh_scan_api project](https://github.com/mozilla/ssh_scan_api)
 

data/bin/ssh_scan

@@ -4,7 +4,6 @@
 $:.unshift File.join(File.dirname(__FILE__), "../lib")
 
 require 'json'
-require 'netaddr'
 require 'optparse'
 require 'ssh_scan'
 require 'logger'
@@ -20,7 +19,7 @@ options = {
   "verbosity" => nil,
   "logger" => Logger.new(STDERR),
   "fingerprint_database" => ENV['HOME']+'/.ssh_scan_fingerprints.yml',
-  "output_type" => "json"
+  "output_type" => nil
 }
 
 # Reorder arguments before parsing
@@ -106,7 +105,8 @@ scan") do |file|
 
   opts.on("-o", "--output [FilePath]",
           "File to write JSON output to") do |file|
-    $stdout.reopen(file, "w")
+    options["output"] = file
+    # $stdout.reopen(file, "w")
   end
 
   opts.on("--output-type [json, yaml]",
@@ -238,9 +238,23 @@ options["policy_file"] = SSHScan::Policy.from_file(options["policy"])
 scan_engine = SSHScan::ScanEngine.new()
 results = scan_engine.scan(options)
 
-if options["output_type"] == "yaml"
+if options["output_type"] == "yaml" && (options["output"].nil? || options["output"].empty?)
   puts YAML.dump(results)
-elsif options["output_type"] == "json"
+elsif options["output_type"] == "json" && (options["output"].nil? || options["output"].empty?)
+  puts JSON.pretty_generate(results)
+elsif (options["output_type"].nil? || options["output_type"].empty?) && (!options["output"].nil? && options["output"].split(".").last.downcase == "yml")
+  open(options["output"], 'w') do |f|
+    f.puts YAML.dump(results)
+  end
+elsif (options["output_type"].nil? || options["output_type"].empty?) && (!options["output"].nil? && options["output"].split(".").last.downcase == "json")
+  open(options["output"], 'w') do |f|
+    f.puts JSON.pretty_generate(results)
+  end
+elsif (options["output_type"].nil? || options["output_type"].empty?) && options["output"]
+  open(options["output"], 'w') do |f|
+    f.puts JSON.pretty_generate(results)
+  end
+else
   puts JSON.pretty_generate(results)
 end
 

data/config/policies/just_etm_macs.yaml

@@ -0,0 +1,24 @@
+---
+name: Mozilla Modern - with just ETM macs
+ssh_version: 2.0
+auth_methods:
+- publickey
+kex:
+- curve25519-sha256@libssh.org
+- ecdh-sha2-nistp521
+- ecdh-sha2-nistp384
+- ecdh-sha2-nistp256
+- diffie-hellman-group-exchange-sha256
+encryption:
+- chacha20-poly1305@openssh.com
+- aes256-gcm@openssh.com
+- aes128-gcm@openssh.com
+- aes256-ctr
+- aes192-ctr
+- aes128-ctr
+macs:
+- hmac-sha2-512-etm@openssh.com
+- hmac-sha2-256-etm@openssh.com
+- umac-128-etm@openssh.com
+references:
+- https://example.com/custom_policy

data/lib/ssh_scan/client.rb

@@ -70,6 +70,9 @@ module SSHScan
       rescue Errno::EHOSTUNREACH => e
         @error = SSHScan::Error::ConnectionRefused.new(e.message)
         @sock = nil
+      rescue Errno::ENOPROTOOPT => e
+        @error = SSHScan::Error::ConnectionRefused.new(e.message)
+        @sock = nil
       else
         if @raw_server_banner.nil?
           @error = SSHScan::Error::NoBanner.new(

data/lib/ssh_scan/public_key.rb

@@ -20,6 +20,10 @@ module SSHScan
           return "rsa"
         elsif @key_string.start_with?("ssh-dss")
           return "dsa"
+        elsif @key_string.start_with?("ecdsa-sha2-nistp256")
+          return "ecdsa-sha2-nistp256"
+        elsif @key_string.start_with?("ssh-ed25519")
+          return "ed25519"
         else
           return "unknown"
         end 
@@ -35,10 +39,11 @@ module SSHScan
 
       def fingerprint_sha1
         SSHKey.sha1_fingerprint(@key_string)
-      end    
+      end
 
       def fingerprint_sha256
-        SSHKey.sha256_fingerprint(@key_string)
+        # We're translating this to hex because the SSHKEY default isn't as useful for comparing with SSHFP records
+        Base64.decode64(SSHKey.sha256_fingerprint(@key_string)).hexify(:delim => ":")
       end
 
       def to_hash

data/lib/ssh_scan/result.rb

@@ -157,12 +157,20 @@ module SSHScan
       @auth_methods = auth_methods
     end
 
+    def keys
+      @keys || {}
+    end
+
     def keys=(keys)
       @keys = keys
     end
 
-    def keys
-      @keys
+    def dns_keys
+      @dns_keys
+    end
+
+    def dns_keys=(dns_keys)
+      @dns_keys = dns_keys
     end
 
     def duplicate_host_key_ips=(duplicate_host_key_ips)
@@ -250,6 +258,7 @@ module SSHScan
       	"languages_server_to_client" => self.languages_server_to_client,
       	"auth_methods" => self.auth_methods,
         "keys" => self.keys,
+        "dns_keys" => self.dns_keys,
         "duplicate_host_key_ips" => self.duplicate_host_key_ips.uniq,
       	"compliance" => @compliance,
         "start_time" => self.start_time,

data/lib/ssh_scan/scan_engine.rb

@@ -3,6 +3,7 @@ require 'ssh_scan/client'
 require 'ssh_scan/public_key'
 require 'ssh_scan/fingerprint_database'
 require 'ssh_scan/subprocess'
+require 'ssh_scan/ssh_fp'
 require 'net/ssh'
 require 'logger'
 require 'open3'
@@ -97,7 +98,7 @@ module SSHScan
                             target,
                             :port => port,
                             :timeout => timeout,
-                            :paranoid => false
+                            :verify_host_key => :never
                           )
         raise SSHScan::Error::ClosedConnection.new if net_ssh_session.closed?
         auth_session = Net::SSH::Authentication::Session.new(
@@ -123,7 +124,7 @@ module SSHScan
 
       output = ""
 
-      cmd = ['ssh-keyscan', '-t', 'rsa,dsa', '-p', port.to_s, target].join(" ")
+      cmd = ['ssh-keyscan', '-t', 'rsa,dsa,ecdsa,ed25519', '-p', port.to_s, target].join(" ")
 
       Utils::Subprocess.new(cmd) do |stdout, stderr, thread|
         if stdout
@@ -144,6 +145,16 @@ module SSHScan
           key = SSHScan::Crypto::PublicKey.new([host_keys[i], host_keys[i + 1]].join(" "))
           keys.merge!(key.to_hash)
         end
+
+        if host_keys[i].eql? "ecdsa-sha2-nistp256"
+          key = SSHScan::Crypto::PublicKey.new([host_keys[i], host_keys[i + 1]].join(" "))
+          keys.merge!(key.to_hash)
+        end
+
+        if host_keys[i].eql? "ssh-ed25519"
+          key = SSHScan::Crypto::PublicKey.new([host_keys[i], host_keys[i + 1]].join(" "))
+          keys.merge!(key.to_hash)
+        end
       end
 
       result.keys = keys
@@ -211,6 +222,15 @@ module SSHScan
         end
       end
 
+      # Decorate all the results with SSHFP records
+      sshfp = SSHScan::SshFp.new()
+      results.each do |result|
+        if !result.hostname.empty?
+          dns_keys = sshfp.query(result.hostname)
+          result.dns_keys = dns_keys
+        end
+      end
+
       # Decorate all the results with compliance information
       results.each do |result|
         # Do this only when we have all the information we need

data/lib/ssh_scan/ssh_fp.rb

@@ -0,0 +1,57 @@
+require 'resolv'
+
+module SSHScan
+  class SshFp
+    
+    ALGO_MAP = {
+      0 => "reserved", # Reference: https://tools.ietf.org/html/rfc4255#section-2.4
+      1 => "rsa",      # Reference: https://tools.ietf.org/html/rfc4255#section-2.4
+      2 => "dss",      # Reference: https://tools.ietf.org/html/rfc4255#section-2.4
+      3 => "ecdsa",    # Reference: https://tools.ietf.org/html/rfc6594#section-5.3.1
+      4 => "ed25519"   # Reference: https://tools.ietf.org/html/rfc7479
+    }
+
+    
+    FPTYPE_MAP = {
+      0 => "reserved",  # Reference: https://tools.ietf.org/html/rfc4255#section-2.4
+      1 => "sha1",      # Reference: https://tools.ietf.org/html/rfc4255#section-2.4
+      2 => "sha256"     # Reference: https://tools.ietf.org/html/rfc6594#section-5.1.2
+    }
+
+
+    def query(fqdn)
+      sshfp_records = []
+
+      # try up to 5 times to resolve ssh_fp's
+      5.times do
+
+        # Reference: https://stackoverflow.com/questions/28867626/how-to-use-resolvdnsresourcegeneric
+        # Note: this includes some fixes too, I'll post a direct link back to the SO article.
+        Resolv::DNS.open do |dns|
+           all_records = dns.getresources(fqdn, Resolv::DNS::Resource::IN::ANY ) rescue nil
+           all_records.each do |rr|
+              if rr.is_a? Resolv::DNS::Resource::Generic then
+                 classname = rr.class.name.split('::').last
+                 if classname == "Type44_Class1"
+                   data = rr.data.bytes
+                   algo = data[0].to_s
+                   fptype = data[1].to_s
+                   fp = data[2..-1]
+                   hex = fp.map{|b| b.to_s(16).rjust(2,'0') }.join(':')
+                   sshfp_records << {"fptype" => FPTYPE_MAP[fptype.to_i], "algo" => ALGO_MAP[algo.to_i], "hex" => hex}
+                 end
+              end
+           end
+        end
+
+        if sshfp_records.any?
+          return sshfp_records.sort_by { |k| k["hex"] }
+        end
+
+        sleep 0.5
+      end 
+
+      return sshfp_records
+    end
+  end
+end

data/lib/ssh_scan/target_parser.rb

@@ -8,7 +8,7 @@ module SSHScan
     # @param ip [String] IP address
     # @param port [Fixnum] port
     # @return [Array] array of enumerated addresses
-    def enumerateIPRange(ip,port)
+    def enumerateIPRange(ip,port=nil)
       if ip.fqdn?
         if port.nil?
           socket = ip
@@ -17,29 +17,22 @@ module SSHScan
         end
         return [socket]
       else
-        if ip.include? "-"
-          octets = ip.split('.')
-          range = octets.pop.split('-')
-          lower = NetAddr::CIDR.create(octets.join('.') + "." + range[0])
-          upper = NetAddr::CIDR.create(octets.join('.') + "." + range[1])
-          ip_array = NetAddr.range(lower, upper,:Inclusive => true)
-          if !port.nil?
-            ip_array.map! { |i| i.concat(":").concat(port.to_s) }
-          end
-          return ip_array
-        elsif ip.include? "/"
+        if ip.include? "/"
           begin
-            cidr = NetAddr::CIDR.create(ip)
+            ip_net = NetAddr::IPv4Net.parse(ip)
           rescue
             raise ArgumentError, "Invalid target: #{ip}"
           end
-          ip_array = cidr.enumerate
-          ip_array.delete(cidr.network)
-          ip_array.delete(cidr.last)
+
+          sock_array = []
+          1.upto(ip_net.len - 2) do |i|
+            sock_array << ip_net.nth(i).to_s
+          end
+
           if !port.nil?
-            ip_array.map! { |i| i.concat(":").concat(port.to_s) }
+            sock_array.map! { |i| i.concat(":").concat(port.to_s) }
           end
-          return ip_array
+          return sock_array
         else
           if port.nil?
             socket = ip

data/lib/ssh_scan/version.rb

@@ -1,3 +1,3 @@
 module SSHScan
-  VERSION = '0.0.39'
+  VERSION = '0.0.44'
 end

data/lib/string_ext.rb

@@ -55,7 +55,11 @@ class String
   end
 
   def resolve_fqdn
-    TCPSocket.gethostbyname(self)[3]
+    begin
+      IPSocket.getaddress(self)
+    rescue SocketError
+      nil # Can return anything you want here
+    end
   end
 
   def resolve_ptr(timeout = 3)
@@ -69,6 +73,31 @@ class String
     end
   end
 
+  # Stolen from: https://github.com/emonti/rbkb/blob/master/lib/rbkb/extends/string.rb
+  def hexify(opts={})
+    delim = opts[:delim]
+    pre = (opts[:prefix] || "")
+    suf = (opts[:suffix] || "")
+
+    if (rx=opts[:rx]) and not rx.kind_of? Regexp
+      raise "rx must be a regular expression for a character class"
+    end
+
+    hx = [("0".."9").to_a, ("a".."f").to_a].flatten
+
+    out=Array.new
+
+    self.each_byte do |c|
+      hc = if (rx and not rx.match c.chr)
+             c.chr
+           else
+             pre + (hx[(c >> 4)] + hx[(c & 0xf )]) + suf
+           end
+      out << (hc)
+    end
+    out.join(delim)
+  end
+
   def fqdn?
     begin
       resolve_fqdn

data/ssh_scan.gemspec

@@ -31,12 +31,14 @@ Gem::Specification.new do |s|
   s.metadata["yard.run"] = "yri" # use "yard" to build full HTML docs
 
   s.add_dependency('bindata', '2.4.3')
-  s.add_dependency('netaddr', '1.5.1')
-  s.add_dependency('net-ssh', '5.0.2')
+  s.add_dependency('netaddr', '2.0.4')
+  s.add_dependency('net-ssh', '6.0.2')
+  s.add_dependency('ed25519', '1.2.4')
+  s.add_dependency('bcrypt_pbkdf', '1.0.1')
   s.add_dependency('sshkey')
   s.add_development_dependency('pry', '0.11.3')
   s.add_development_dependency('rspec', '3.7.0')
   s.add_development_dependency('rspec-its', '1.2.0')
-  s.add_development_dependency('rake', '12.3.1')
+  s.add_development_dependency "rake", ">= 12.3.3"
   s.add_development_dependency('rubocop')
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ssh_scan
 version: !ruby/object:Gem::Version
-  version: 0.0.39
+  version: 0.0.44
 platform: ruby
 authors:
 - Jonathan Claudius
@@ -9,10 +9,10 @@ authors:
 - Harsh Vardhan
 - Rishabh Saxena
 - Ashish Gaurav
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-01-18 00:00:00.000000000 Z
+date: 2021-05-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bindata
@@ -34,28 +34,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.1
+        version: 2.0.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.1
+        version: 2.0.4
 - !ruby/object:Gem::Dependency
   name: net-ssh
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.2
+        version: 6.0.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.2
+        version: 6.0.2
+- !ruby/object:Gem::Dependency
+  name: ed25519
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.4
+- !ruby/object:Gem::Dependency
+  name: bcrypt_pbkdf
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.1
 - !ruby/object:Gem::Dependency
   name: sshkey
   requirement: !ruby/object:Gem::Requirement
@@ -116,16 +144,16 @@ dependencies:
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.1
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.1
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
@@ -155,6 +183,7 @@ files:
 - README.md
 - Rakefile
 - bin/ssh_scan
+- config/policies/just_etm_macs.yaml
 - config/policies/mozilla_intermediate.yml
 - config/policies/mozilla_modern.yml
 - data/README
@@ -190,6 +219,7 @@ files:
 - lib/ssh_scan/public_key.rb
 - lib/ssh_scan/result.rb
 - lib/ssh_scan/scan_engine.rb
+- lib/ssh_scan/ssh_fp.rb
 - lib/ssh_scan/ssh_lib.rb
 - lib/ssh_scan/ssh_lib/ciscossh.rb
 - lib/ssh_scan/ssh_lib/cryptlib.rb
@@ -217,7 +247,7 @@ licenses:
 - ruby
 metadata:
   yard.run: yri
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -232,8 +262,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.2
-signing_key: 
+rubygems_version: 3.2.15
+signing_key:
 specification_version: 4
 summary: Ruby-based SSH Scanner
 test_files: []