ssh_scan 0.0.10.beta.2 → 0.0.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a689938f463c860bb90bb1d4f5772ff961d745d7
-  data.tar.gz: a3945bd66434b5e9edd8348d1e65ab96c2214e4a
+  metadata.gz: 6403790d58c64fd35088e7052eb051074a153b48
+  data.tar.gz: 8ca8d5eaa79005c5479719672f55c44bbd806b58
 SHA512:
-  metadata.gz: 5c6a0fde028fc24d8509c8ac3a6572c398c1ac5a85694115772bf1d5a3ee5b9ed8215409deb38ba6cb3682a361d764cb58816e45bf9a45a8a7882849eff33599
-  data.tar.gz: 2a345e980a7c53f52834251a5da73e93838c82068629c81e40c75616524b4b4f31256b1077446fe1254b8a53bc9abed16b52b3fd264c8396b2096abfb04cd1ba
+  metadata.gz: 9ea2a32f03d07f1435f2582ef49bef0cb3b89a7ae60cfc7597c09989d5fa5c6dbda3eb1dd136a6fbc30fb960ff9ccb234ab15a646cf845d7fc2ead316cd268d6
+  data.tar.gz: 67e6065dbccd032dd3db6356397d24179db910570d3662f024ca3587ac4c7951d4ec4f6651671cebc548b2fbdae93f13025386c911fc386fb203f3b15d618429

data/.travis.yml

@@ -8,6 +8,20 @@ matrix:
       - docker
     script:
       - docker build -t mozilla/ssh_scan .
+      - >
+          if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then \
+            docker login -u="$DOCKER_USER" -p="$DOCKER_PASS" ;\
+            docker push mozilla/ssh_scan:latest ;\
+          else \
+            exit 0 ;\
+          fi
+  - rvm: 2.3.0
+    script:
+      - gem install ssh_scan
+  - rvm: 2.3.0
+    script:
+      - chmod 755 ./spec/ssh_scan/integration.sh
+      - ./spec/ssh_scan/integration.sh
   - rvm: 2.2.0
   - rvm: 2.1.3
   - rvm: 2.0.0

data/README.md

@@ -15,14 +15,21 @@ A SSH configuration and policy scanner
 
 ## Setup
 
-To install as a gem, type:
+To install and run as a gem, type:
 
 ```bash
 gem install ssh_scan
 ssh_scan
 ```
 
-To install from source, type:
+To run from a docker container, type:
+
+```bash
+docker pull mozilla/ssh_scan
+docker run -it mozilla/ssh_scan /app/bin/ssh_scan -t github.com
+```
+
+To install and run from source, type:
 
 ```bash
 # clone repo
@@ -50,14 +57,16 @@ bundle install
 
 Run `ssh_scan -h` to get this
 
-    ssh_scan v0.0.9 (https://github.com/mozilla/ssh_scan)
+    ssh_scan v0.0.10 (https://github.com/mozilla/ssh_scan)
 
     Usage: ssh_scan [options]
         -t, --target [IP/Range/Hostname] IP/Ranges/Hostname to scan
         -f, --file [FilePath]            File Path of the file containing IP/Range/Hostnames to scan
+        -T, --timeout [seconds]          Timeout per connect after which ssh_scan gives up on the host
         -o, --output [FilePath]          File to write JSON output to
         -p, --port [PORT]                Port (Default: 22)
         -P, --policy [FILE]              Custom policy file (Default: Mozilla Modern)
+            --threads [NUMBER]           Number of worker threads (Default: 5)
         -u, --unit-test [FILE]           Throw appropriate exit codes based on compliance status
         -v, --version                    Display just version info
         -h, --help                       Show this message
@@ -67,12 +76,14 @@ Run `ssh_scan -h` to get this
       ssh_scan -t 192.168.1.1
       ssh_scan -t server.example.com
       ssh_scan -t ::1
+      ssh_scan -t ::1 -T 5
       ssh_scan -f hosts.txt
       ssh_scan -o output.json
       ssh_scan -t 192.168.1.1 -p 22222
       ssh_scan -t 192.168.1.1 -P custom_policy.yml
       ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml
 
+
 - See here for [example video](https://asciinema.org/a/7pliiw5zqhj7eqvz7q437u6vx)
 - See here for [example output](https://github.com/mozilla/ssh_scan/blob/master/examples/192.168.1.1.json)
 - See here for [example policies](https://github.com/mozilla/ssh_scan/blob/master/policies)

data/bin/ssh_scan

@@ -12,8 +12,13 @@ options = {
   :targets => [],
   :port => 22,
   :policy => File.expand_path("../../policies/mozilla_modern.yml", __FILE__),
-  :unit_test => false
+  :unit_test => false,
+  :timeout => 2,
+  :threads => 5,
 }
+
+target_parser = SSHScan::TargetParser.new()
+
 opt_parser = OptionParser.new do |opts|
   opts.banner = "ssh_scan v#{SSHScan::VERSION} (https://github.com/mozilla/ssh_scan)\n\n" +
                 "Usage: ssh_scan [options]"
@@ -21,11 +26,7 @@ opt_parser = OptionParser.new do |opts|
   opts.on("-t", "--target [IP/Range/Hostname]", Array,
           "IP/Ranges/Hostname to scan") do |ips|
     ips.each do |ip|
-      if ip.fqdn?
-        options[:targets] += [ip]
-      else
-        options[:targets] += NetAddr::CIDR.create(ip).enumerate
-      end
+      options[:targets] += target_parser.enumerateIPRange(ip)
     end
   end
 
@@ -36,10 +37,17 @@ opt_parser = OptionParser.new do |opts|
       exit
     end
     File.open(file).each do |line|
-      options[:targets] += line.chomp.split(',')
+      line.chomp.split(',').each do |ip|
+        options[:targets] += target_parser.enumerateIPRange(ip)
+      end
     end
   end
 
+  opts.on("-T", "--timeout [seconds]",
+          "Timeout per connect after which ssh_scan gives up on the host") do |timeout|
+    options[:timeout] = timeout.to_i
+  end
+
   opts.on("-o", "--output [FilePath]",
           "File to write JSON output to") do |file|
     $stdout.reopen(file, "w")
@@ -55,6 +63,11 @@ opt_parser = OptionParser.new do |opts|
     options[:policy] = policy
   end
 
+  opts.on("--threads [NUMBER]",
+          "Number of worker threads (Default: 5)") do |threads|
+    options[:threads] = threads.to_i
+  end
+
   opts.on("-u", "--unit-test [FILE]",
           "Throw appropriate exit codes based on compliance status") do
     options[:unit_test] = true
@@ -72,6 +85,7 @@ opt_parser = OptionParser.new do |opts|
     puts "\n  ssh_scan -t 192.168.1.1"
     puts "  ssh_scan -t server.example.com"
     puts "  ssh_scan -t ::1"
+    puts "  ssh_scan -t ::1 -T 5"
     puts "  ssh_scan -f hosts.txt"
     puts "  ssh_scan -o output.json"
     puts "  ssh_scan -t 192.168.1.1 -p 22222"
@@ -87,27 +101,27 @@ opt_parser.parse!
 if options[:targets].nil?
   puts opt_parser.help
   puts "\nReason: no target specified"
-  exit
+  exit 1
 end
 
 options[:targets].each do |target|
   unless target.ip_addr? || target.fqdn?
     puts opt_parser.help
     puts "\nReason: #{options[:targets]} is not a valid target"
-    exit
+    exit 1
   end
 end
 
 unless (0..65535).include?(options[:port])
   puts opt_parser.help
   puts "\nReason: port supplied is not within acceptable range"
-  exit
+  exit 1
 end
 
 unless File.exists?(options[:policy])
   puts opt_parser.help
   puts "\nReason: policy file supplied is not a file"
-  exit
+  exit 1
 end
 
 options[:policy_file] = SSHScan::Policy.from_file(options[:policy])
@@ -118,10 +132,13 @@ results = scan_engine.scan(options)
 
 puts JSON.pretty_generate(results)
 
-results.each do |result|
-  if result["compliance"] && result["compliance"][:compliant] == false
-    exit 1 #non-zero means a false
-  else
-    exit 0 #non-zero means pass
+if options[:unit_test] == true
+  results.each do |result|
+    if result["compliance"] &&
+       result["compliance"][:compliant] == false
+      exit 1 #non-zero means a false
+    else
+      exit 0 #non-zero means pass
+    end
   end
 end

data/lib/ssh_scan/client.rb

@@ -2,11 +2,13 @@ require 'socket'
 require 'ssh_scan/constants'
 require 'ssh_scan/protocol'
 require 'ssh_scan/banner'
+require 'ssh_scan/error'
 
 module SSHScan
   class Client
-    def initialize(target, port)
+    def initialize(target, port, timeout = 3)
       @target = target
+      @timeout = timeout
 
       if @target.ip_addr?
         @ip = @target
@@ -21,13 +23,34 @@ module SSHScan
     end
 
     def connect()
-      @sock = TCPSocket.new(@ip, @port)
-      @raw_server_banner = @sock.gets.chomp
-      @server_banner = SSHScan::Banner.read(@raw_server_banner)
-      @sock.puts(@client_banner.to_s)
+      begin
+        @sock = Socket.tcp(@ip, @port, connect_timeout: @timeout)
+      rescue Errno::ETIMEDOUT => e
+        @error = SSHScan::Error::ConnectTimeout.new(e.message)
+        @sock = nil
+      rescue Errno::ECONNREFUSED => e
+        @error = SSHScan::Error::ConnectionRefused.new(e.message)
+        @sock = nil
+      else
+        @raw_server_banner = @sock.gets.chomp
+        @server_banner = SSHScan::Banner.read(@raw_server_banner)
+        @sock.puts(@client_banner.to_s)
+      end
     end
 
     def get_kex_result(kex_init_raw = @kex_init_raw)
+      # Common options for all cases
+      result = {}
+      result[:ssh_scan_version] = SSHScan::VERSION
+      result[:hostname] = @target.fqdn? ? @target : ""
+      result[:ip] = @ip
+      result[:port] = @port
+
+      if !@sock
+        result[:error] = @error
+        return result
+      end
+
       @sock.write(kex_init_raw)
       resp = @sock.read(4)
       resp += @sock.read(resp.unpack("N").first)
@@ -36,11 +59,6 @@ module SSHScan
       kex_exchange_init = SSHScan::KeyExchangeInit.read(resp)
 
       # Assemble and print results
-      result = {}
-      result[:ssh_scan_version] = SSHScan::VERSION
-      result[:hostname] = @target.fqdn? ? @target : ""
-      result[:ip] = @ip
-      result[:port] = @port
       result[:server_banner] = @server_banner
       result[:ssh_version] = @server_banner.ssh_version
       result[:os] = @server_banner.os_guess.common

data/lib/ssh_scan/error/closed_connection.rb

@@ -0,0 +1,9 @@
+module SSHScan
+  module Error
+    class ClosedConnection < Exception
+      def to_s
+        "#{self.class.to_s.split('::')[-1]}"
+      end
+    end
+  end
+end

data/lib/ssh_scan/error/connect_timeout.rb

@@ -0,0 +1,12 @@
+module SSHScan
+  module Error
+    class ConnectTimeout < Exception
+      def initialize(message)
+        @message = message
+      end
+      def to_s
+        "#{self.class.to_s.split('::')[-1]}: #{@message}"
+      end
+    end
+  end
+end

data/lib/ssh_scan/error/connection_refused.rb

@@ -0,0 +1,12 @@
+module SSHScan
+  module Error
+    class ConnectionRefused < Exception
+      def initialize(message)
+        @message = message
+      end
+      def to_s
+        "#{self.class.to_s.split('::')[-1]}: #{@message}"
+      end
+    end
+  end
+end

data/lib/ssh_scan/error/disconnected.rb

@@ -0,0 +1,12 @@
+module SSHScan
+  module Error
+    class Disconnected < Exception
+      def initialize(message)
+        @message = message
+      end
+      def to_s
+        "#{self.class.to_s.split('::')[-1]}: #{@message}"
+      end
+    end
+  end
+end

data/lib/ssh_scan/error.rb

@@ -0,0 +1,4 @@
+require 'ssh_scan/error/connect_timeout'
+require 'ssh_scan/error/closed_connection'
+require 'ssh_scan/error/connection_refused'
+require 'ssh_scan/error/disconnected'

data/lib/ssh_scan/policy.rb

@@ -2,7 +2,7 @@ require 'yaml'
 
 module SSHScan
   class Policy
-    attr_reader :name, :kex, :macs, :encryption, :compression
+    attr_reader :name, :kex, :macs, :encryption, :compression, :references
 
     def initialize(opts = {})
       @name = opts['name'] || []
@@ -10,6 +10,7 @@ module SSHScan
       @macs = opts['macs'] || []
       @encryption = opts['encryption'] || []
       @compression = opts['compression'] || []
+      @references = opts['references'] || []
     end
 
     def self.from_file(file)

data/lib/ssh_scan/policy_manager.rb

@@ -120,7 +120,8 @@ module SSHScan
       {
         :policy => @policy.name,
         :compliant => compliant?,
-        :recommendations => recommendations
+        :recommendations => recommendations,
+        :references => @policy.references,
       }
     end
   end

data/lib/ssh_scan/scan_engine.rb

@@ -5,74 +5,103 @@ require 'net/ssh'
 module SSHScan
   class ScanEngine
 
-    def scan(opts)
-      targets = opts[:targets]
+    def scan_target(target, opts)
       port = opts[:port]
       policy = opts[:policy_file]
+      timeout = opts[:timeout]
 
-      # Connect and get results (native)
-      result = []
-      targets.each_with_index do |target, index|
-        client = SSHScan::Client.new(target, port)
-        client.connect()
-        result.push(client.get_kex_result())
-
-        fingerprint_md5 = nil
-        fingerprint_sha1 = nil
-        fingerprint_sha256 = nil
-
-        # Connect and get results (Net-SSH)
-        begin
-          net_ssh_session = Net::SSH::Transport::Session.new(target, :port => port)
-          auth_session = Net::SSH::Authentication::Session.new(net_ssh_session, :auth_methods => ["none"])
-          auth_session.authenticate("none", "test", "test")
-          result[index]['auth_methods'] = auth_session.allowed_auth_methods
-          host_key = net_ssh_session.host_keys.first
-          net_ssh_session.close
+      client = SSHScan::Client.new(target, port, timeout)
+      client.connect()
+      result = client.get_kex_result()
+      return result if result.include?(:error)
 
-          #only supporting RSA for the moment
-          if host_key.is_a?(OpenSSL::PKey::RSA)
-            data_string = OpenSSL::ASN1::Sequence([
-             OpenSSL::ASN1::Integer.new(host_key.public_key.n),
-             OpenSSL::ASN1::Integer.new(host_key.public_key.e)
-            ])
+      # Connect and get results (Net-SSH)
+      begin
+        net_ssh_session = Net::SSH::Transport::Session.new(target, :port => port, :timeout => timeout)
+        raise SSHScan::Error::ClosedConnection.new if net_ssh_session.closed?
+        auth_session = Net::SSH::Authentication::Session.new(net_ssh_session, :auth_methods => ["none"])
+        auth_session.authenticate("none", "test", "test")
+        result['auth_methods'] = auth_session.allowed_auth_methods
+        host_key = net_ssh_session.host_keys.first
+        net_ssh_session.close
+      rescue Net::SSH::ConnectionTimeout => e
+        warn("WARNING: net-ssh timed out attempting to connect to service (fingerprints and auth_methods will not be available)")
+        result['auth_methods'] = []
+        result['fingerprints'] = {}
+        result[:error] = e
+        result[:error] = SSHScan::Error::ConnectTimeout.new(e.message)
+      rescue Net::SSH::Disconnect => e
+        warn("WARNING: net-ssh disconnected unexpectedly (fingerprints and auth_methods will not be available)")
+        result['auth_methods'] = []
+        result['fingerprints'] = {}
+        result[:error] = e
+        result[:error] = SSHScan::Error::Disconnected.new(e.message)
+      rescue Net::SSH::Exception => e
+        if e.to_s.match(/could not settle on encryption_client algorithm/)
+          warn("WARNING: net-ssh could not find a mutually acceptable encryption algorithm (fingerprints and auth_methods will not be available)")
+          result['auth_methods'] = []
+          result['fingerprints'] = {}
+          result[:error] = e
+        elsif e.to_s.match(/could not settle on host_key algorithm/)
+          warn("WARNING: net-ssh could not find a mutually acceptable host_key algorithm (fingerprints and auth_methods will not be available)")
+          result['auth_methods'] = []
+          result['fingerprints'] = {}
+          result[:error] = e
+        else
+          raise e
+        end
+      else
+        #only supporting RSA for the moment
+        if host_key.is_a?(OpenSSL::PKey::RSA)
+          data_string = OpenSSL::ASN1::Sequence([
+           OpenSSL::ASN1::Integer.new(host_key.public_key.n),
+           OpenSSL::ASN1::Integer.new(host_key.public_key.e)
+          ])
 
-            fingerprint_md5 = OpenSSL::Digest::MD5.hexdigest(data_string.to_der).scan(/../).join(':')
-            fingerprint_sha1 = OpenSSL::Digest::SHA1.hexdigest(data_string.to_der).scan(/../).join(':')
-            fingerprint_sha256 = OpenSSL::Digest::SHA256.hexdigest(data_string.to_der).scan(/../).join(':')
+          fingerprint_md5 = OpenSSL::Digest::MD5.hexdigest(data_string.to_der).scan(/../).join(':')
+          fingerprint_sha1 = OpenSSL::Digest::SHA1.hexdigest(data_string.to_der).scan(/../).join(':')
+          fingerprint_sha256 = OpenSSL::Digest::SHA256.hexdigest(data_string.to_der).scan(/../).join(':')
 
-            result[index]['fingerprints'] = {
-             "md5" => fingerprint_md5,
-             "sha1" => fingerprint_sha1,
-             "sha256" => fingerprint_sha256,
-            }
-          else
-            warn("WARNING: Host key support for #{host_key.class} is not provided yet (fingerprints will not be available)")
-            result[index]['fingerprints'] = {}
+          result['fingerprints'] = {
+           "md5" => fingerprint_md5,
+           "sha1" => fingerprint_sha1,
+           "sha256" => fingerprint_sha256,
+          }
+          # Do this only when no errors were reported
+          unless policy.nil?
+            policy_mgr = SSHScan::PolicyManager.new(result, policy)
+            result['compliance'] = policy_mgr.compliance_results
           end
+        else
+          warn("WARNING: Host key support for #{host_key.class} is not provided yet (fingerprints will not be available)")
+          result['fingerprints'] = {}
+        end
+      end
+      return result
+    end
 
+    def scan(opts)
+      targets = opts[:targets]
+      threads = opts[:threads] || 5
 
-        rescue Net::SSH::Exception => e
-          if e.to_s.match(/could not settle on encryption_client algorithm/)
-            warn("WARNING: net-ssh could not find a mutually acceptable encryption algorithm (fingerprints and auth_methods will not be available)")
-            result[index]['auth_methods'] = []
-            result[index]['fingerprints'] = {}
-          elsif e.to_s.match(/could not settle on host_key algorithm/)
-            warn("WARNING: net-ssh could not find a mutually acceptable host_key algorithm (fingerprints and auth_methods will not be available)")
-            result[index]['auth_methods'] = []
-            result[index]['fingerprints'] = {}
-          else
-            raise e
-          end
-        end
+      results = []
 
-        # If policy defined, then add compliance results
-        unless policy.nil?
-          policy_mgr = SSHScan::PolicyManager.new(result[index], policy)
-          result[index]['compliance'] = policy_mgr.compliance_results
+      work_queue = Queue.new
+      targets.each {|x| work_queue.push x }
+      workers = (0...threads).map do |worker_num|
+        Thread.new do
+          begin
+            while target = work_queue.pop(true)
+              results << scan_target(target, opts)
+            end
+          rescue ThreadError => e
+            raise e unless e.to_s.match(/queue empty/)
+          end
         end
       end
-      return result
+      workers.map(&:join)
+
+      return results
     end
   end
 end

data/lib/ssh_scan/target_parser.rb

@@ -0,0 +1,29 @@
+require 'netaddr'
+require 'string_ext'
+
+module SSHScan
+  class TargetParser
+    def enumerateIPRange(ip)
+      if ip.fqdn?
+        return [ip]
+      else
+        if ip.include? "-"
+          octets = ip.split('.')
+          range = octets.pop.split('-')
+          lower = NetAddr::CIDR.create(octets.join('.') + "." + range[0])
+          upper = NetAddr::CIDR.create(octets.join('.') + "." + range[1])
+          ip_array = NetAddr.range(lower, upper,:Inclusive => true)
+          return ip_array
+        elsif ip.include? "/"
+          cidr = NetAddr::CIDR.create(ip)
+          ip_array = cidr.enumerate
+          ip_array.delete(cidr.network)
+          ip_array.delete(cidr.last)
+          return ip_array
+        else
+          return [ip]
+        end
+      end
+    end
+  end
+end

data/lib/ssh_scan/version.rb

@@ -1,3 +1,3 @@
 module SSHScan
-  VERSION = '0.0.10.beta.2'
+  VERSION = '0.0.10'
 end

data/lib/ssh_scan.rb

@@ -8,6 +8,7 @@ require 'ssh_scan/policy'
 require 'ssh_scan/policy_manager'
 require 'ssh_scan/protocol'
 require 'ssh_scan/scan_engine'
+require 'ssh_scan/target_parser'
 
 #Monkey Patches
 require 'string_ext'

data/policies/mozilla_intermediate.yml

@@ -12,3 +12,5 @@ macs:
 compression:
 - none
 - zlib@openssh.com
+references:
+- https://wiki.mozilla.org/Security/Guidelines/OpenSSH

data/policies/mozilla_modern.yml

@@ -23,3 +23,5 @@ macs:
 compression:
 - none
 - zlib@openssh.com
+references:
+- https://wiki.mozilla.org/Security/Guidelines/OpenSSH

data/ssh_scan.gemspec

@@ -29,6 +29,7 @@ Gem::Specification.new do |s|
   s.add_dependency('bindata', '~> 2.0')
   s.add_dependency('net-ssh')
   s.add_dependency('netaddr')
+  s.add_dependency('timeout')
   s.add_development_dependency('pry')
   s.add_development_dependency('rspec', '~> 3.0')
   s.add_development_dependency('rspec-its', '~> 1.2')

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ssh_scan
 version: !ruby/object:Gem::Version
-  version: 0.0.10.beta.2
+  version: 0.0.10
 platform: ruby
 authors:
 - Jonathan Claudius
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-17 00:00:00.000000000 Z
+date: 2016-08-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bindata
@@ -52,6 +52,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: timeout
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -128,6 +142,11 @@ files:
 - lib/ssh_scan/basic_server.rb
 - lib/ssh_scan/client.rb
 - lib/ssh_scan/constants.rb
+- lib/ssh_scan/error.rb
+- lib/ssh_scan/error/closed_connection.rb
+- lib/ssh_scan/error/connect_timeout.rb
+- lib/ssh_scan/error/connection_refused.rb
+- lib/ssh_scan/error/disconnected.rb
 - lib/ssh_scan/os.rb
 - lib/ssh_scan/os/centos.rb
 - lib/ssh_scan/os/debian.rb
@@ -144,6 +163,7 @@ files:
 - lib/ssh_scan/ssh_lib/libssh.rb
 - lib/ssh_scan/ssh_lib/openssh.rb
 - lib/ssh_scan/ssh_lib/unknown.rb
+- lib/ssh_scan/target_parser.rb
 - lib/ssh_scan/version.rb
 - lib/string_ext.rb
 - policies/mozilla_intermediate.yml
@@ -164,9 +184,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.6.2