RubyGems - ssh_scan - Versions diffs - 0.0.9 → 0.0.10.beta.1 - Mend

ssh_scan 0.0.9 → 0.0.10.beta.1

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/ssh_scan/scan_engine.rb +39 -26
data/lib/ssh_scan/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6ab6ade0f667010fdd604bbf4e0a166319c0e332
-  data.tar.gz: a2d102a46eca3c35ae5e9eda0c2d714b5cce415b
+  metadata.gz: fc658367e83ea612b5d9dc210e0b050adffaa80c
+  data.tar.gz: 9fc7ed603f1dab9250b31e38d50e0b5907b75991
 SHA512:
-  metadata.gz: 509adb5236bcb0aea6489a266d0c3ef1f9312d6c4b7860156c6174614014288441d73209110fe7ccc8cee6dc26bb1001e0585e1b1340026a8af8ec84e926b659
-  data.tar.gz: 3d327bf76e6c9f9211f506bee4ab52cfd28fd0b4560f37578a5bc9d6fea81bda475ac3c3edb3e45c5a2b7c59ce082b58853233399a0a9720074ebf9ece8287b4
+  metadata.gz: df7fd981d2356f4129ee20a481540f64ce12011014af63eb24170cfeb3233c297aefbc8fbda4b093030791b253410737b729db05014e97dcd1b7a192378e37de
+  data.tar.gz: 3ddf2ad7d0a9e8115246f9e123063bce9c8a65b8cbbb68a1390758c715003ec3ba29164e3ead55ba4a09bfec617888fc46fd10010c33d5d496bebdbe8530d4cb

data/lib/ssh_scan/scan_engine.rb CHANGED Viewed

@@ -17,37 +17,50 @@ module SSHScan
         client.connect()
         result.push(client.get_kex_result())
-        # Connect and get results (Net-SSH)
-        net_ssh_session = Net::SSH::Transport::Session.new(target, :port => port)
-        auth_session = Net::SSH::Authentication::Session.new(net_ssh_session, :auth_methods => ["none"])
-        auth_session.authenticate("none", "test", "test")
-        result[index]['auth_methods'] = auth_session.allowed_auth_methods
-        host_key = net_ssh_session.host_keys.first
-        net_ssh_session.close
         fingerprint_md5 = nil
         fingerprint_sha1 = nil
         fingerprint_sha256 = nil
-        # only supporting RSA for the moment
-        if host_key.is_a?(OpenSSL::PKey::RSA)
-          data_string = OpenSSL::ASN1::Sequence([
-            OpenSSL::ASN1::Integer.new(host_key.public_key.n),
-            OpenSSL::ASN1::Integer.new(host_key.public_key.e)
-          ])
-          fingerprint_md5 = OpenSSL::Digest::MD5.hexdigest(data_string.to_der).scan(/../).join(':')
-          fingerprint_sha1 = OpenSSL::Digest::SHA1.hexdigest(data_string.to_der).scan(/../).join(':')
-          fingerprint_sha256 = OpenSSL::Digest::SHA256.hexdigest(data_string.to_der).scan(/../).join(':')
-        else
-          warn("Host key support for #{host_key.class} is not provided yet, fingerprints will not be available")
-        end
+        # Connect and get results (Net-SSH)
+        begin
+          net_ssh_session = Net::SSH::Transport::Session.new(target, :port => port)
+          auth_session = Net::SSH::Authentication::Session.new(net_ssh_session, :auth_methods => ["none"])
+          auth_session.authenticate("none", "test", "test")
+          result[index]['auth_methods'] = auth_session.allowed_auth_methods
+          host_key = net_ssh_session.host_keys.first
+          net_ssh_session.close
+          #only supporting RSA for the moment
+          if host_key.is_a?(OpenSSL::PKey::RSA)
+            data_string = OpenSSL::ASN1::Sequence([
+             OpenSSL::ASN1::Integer.new(host_key.public_key.n),
+             OpenSSL::ASN1::Integer.new(host_key.public_key.e)
+            ])
-        result[index]['fingerprints'] = {
-          "md5" => fingerprint_md5,
-          "sha1" => fingerprint_sha1,
-          "sha256" => fingerprint_sha256,
-        }
+            fingerprint_md5 = OpenSSL::Digest::MD5.hexdigest(data_string.to_der).scan(/../).join(':')
+            fingerprint_sha1 = OpenSSL::Digest::SHA1.hexdigest(data_string.to_der).scan(/../).join(':')
+            fingerprint_sha256 = OpenSSL::Digest::SHA256.hexdigest(data_string.to_der).scan(/../).join(':')
+            result[index]['fingerprints'] = {
+             "md5" => fingerprint_md5,
+             "sha1" => fingerprint_sha1,
+             "sha256" => fingerprint_sha256,
+            }
+          else
+            warn("WARNING: Host key support for #{host_key.class} is not provided yet (fingerprints will not be available)")
+            result[index]['fingerprints'] = {}
+          end
+        rescue Net::SSH::Exception => e
+          if e.to_s.match(/could not settle on encryption_client algorithm/)
+            warn("WARNING: net-ssh could not find a mutually acceptable encryption algorithm (fingerprints and auth_methods will not be available)")
+            result[index]['auth_methods'] = []
+            result[index]['fingerprints'] = {}
+          else
+            raise e
+          end
+        end
         # If policy defined, then add compliance results
         unless policy.nil?

data/lib/ssh_scan/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SSHScan
-  VERSION = '0.0.9'
+  VERSION = '0.0.10.beta.1'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ssh_scan
 version: !ruby/object:Gem::Version
-  version: 0.0.9
+  version: 0.0.10.beta.1
 platform: ruby
 authors:
 - Jonathan Claudius
@@ -164,9 +164,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project:
 rubygems_version: 2.6.2