3 # Debian/OpenSSL Weak Key Detector
5 # Copyright (C) 2008, Florian Weimer <fw@deneb.enyo.de>
7 # Permission to use, copy, modify, and distribute this software for
8 # any purpose with or without fee is hereby granted, provided that the
9 # above copyright notice and this permission notice appear in all
12 # THE SOFTWARE IS PROVIDED "AS IS" AND FLORIAN WEIMER AND HIS
13 # CONTRIBUTORS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE
14 # INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN
15 # NO EVENT SHALL FLORIAN WEIMER OR HIS CONTRIBUTORS BE LIABLE FOR ANY
16 # SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
18 # AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
19 # OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
22 # Blacklist data has been provided by Kees Cook, Peter Palfrader and
25 # Patches and comments are welcome. Please send them to
26 # <fw@deneb.enyo.de>, and use "dowkd" in the subject line.
33 usage: $0 [OPTIONS...] COMMAND [ARGUMENTS...]
37 file: examine files on the command line for weak keys
38 host: examine the specified hosts for weak SSH keys
39 user: examine user SSH keys for weakness; examine all users if no
41 help: show this help screen
45 -c FILE: set the database cache file name (default: dowkd.db)
47 dowkd currently handles the following OpenSSH host and user keys,
48 provided they have been generated on a little-endian architecture
49 (such as i386 or amd64): RSA/1024, RSA/2048 and DSA/1024. (The
50 OpenSSH version in Debian does not support DSA key generation with)
53 OpenVPN shared also detected on little-endian architecture.
55 Note that the blacklist by dowkd may be incomplete; it is only
56 intended as a quick check.
68 my $db_file = 'dowkd.db';
74 $db = tie
%db, 'DB_File', $db_file, O_RDWR
| O_CREAT
, 0777, $DB_BTREE
75 or die "error: could not open database: $!\n";
77 $db{''} = $db_version;
78 while (my $line = <DATA
>) {
79 next if $line =~ /^\**$/;
81 $line =~ /^[0-9a-f]{32}$/ or die "error: invalid data line";
82 $line =~ s/(..)/chr(hex($1))/ge;
91 $db = tie
%db, 'DB_File', $db_file, O_RDONLY
, 0777, $DB_BTREE
92 or die "error: could not open database: $!\n";
93 my $stored_version = $db{''};
94 $stored_version && $stored_version eq $db_version or create_db
;
101 sub safe_backtick
(@
) {
104 open $fh, '-|', @args
105 or die "error: failed to spawn $args[0]: $!\n";
111 @result = scalar(<$fh>);
114 $?
== 0 or return undef;
123 my $keys_vulnerable = 0;
126 print STDERR
"summary: keys found: $keys_found, weak keys: $keys_vulnerable\n";
129 sub check_hash
($$) {
130 my ($name, $hash) = @_;
132 if (exists $db{$hash}) {
134 print "$name: weak key\n";
138 sub ssh_fprint_file
($) {
140 my $data = safe_backtick qw
/ssh-keygen -l -f/, $name;
141 defined $data or return ();
142 my @data = $data =~ /^(\d+) ([0-9a-f]{2}(?::[0-9a-f]{2}){15})/;
143 return @data if @data == 2;
147 sub ssh_fprint_check
($$$) {
148 my ($name, $length, $hash) = @_;
149 if ($length == 1024 || $length == 2048) {
151 $hash =~ s/(..)/chr(hex($1))/ge;
152 check_hash
$name, $hash;
154 warn "$name: warning: no suitable blacklist\n";
160 seek $tmp, 0, 0 or die "seek: $!";
161 truncate $tmp, 0 or die "truncate: $!";
164 sub cleanup_ssh_auth_line
($) {
167 $line =~ /^(?:ssh-(?:rsa|dss)\s|\d+\s+\d+\s+\d)/ and return $line;
170 if ($line =~ /^\s+(.*)/) {
174 if ($line =~ /^"(.*)/) {
178 if ($line =~ /^\\.(.*)/) {
179 # It doesn't matter if we don't deal with \000 properly, we
180 # just need to defuse the backslash character.
184 if ($line =~ /^[a-zA-Z0-9_=+-]+(.*)/) {
185 # Skip multiple harmless characters in one go.
189 if ($line =~ /^.(.*)/) {
190 # Other characters are stripped one by one.
194 return undef; # empty string, no key found
197 if ($line =~ /^"(.*)/) {
201 if ($line =~ /^\\.(.*)/) {
202 # See above, defuse the backslash.
206 if ($line =~ /^[^\\"]+(.*)/) {
210 return undef; # missing closing double quote
213 $line =~ /^(?:ssh-(?:rsa|dss)\s|\d+\s+\d+\s+\d)/ and return $line;
217 sub from_ssh_auth_file
($) {
220 unless (open $auth, '<', $name) {
221 warn "$name:0: error: open failed: $!\n";
224 my $tmp = new File
::Temp
;
225 while (my $line = <$auth>) {
227 next if $line =~ m/^\s*(#|$)/;
231 my $l = cleanup_ssh_auth_line
$line;
237 print $tmp "$line\n" or die "print: $!";
239 my ($length, $hash) = ssh_fprint_file
"$tmp";
240 if ($length && $hash) {
241 ssh_fprint_check
"$name:$lineno", $length, $hash;
246 warn "$name:$lineno: warning: unparsable line\n";
250 sub from_openvpn_key
($) {
253 unless (open $key, '<', $name) {
254 warn "$name:0: open failed: $!\n";
259 while (my $line = <$key>) {
261 if ($line =~ /^-----BEGIN OpenVPN Static key V1-----/) {
264 if ($line =~ /^([0-9a-f]{32})/) {
266 $line =~ s/(..)/chr(hex($1))/ge;
267 check_hash
"$name:$.", $line;
270 warn "$name:$.: warning: illegal OpenVPN file format\n";
277 sub from_ssh_host
(@
) {
280 push @lines, safe_backtick qw
/ssh-keyscan -t rsa/, @names;
281 push @lines, safe_backtick qw
/ssh-keyscan -t dsa/, @names;
283 my $tmp = new File
::Temp
;
284 for my $line (@lines) {
285 next if $line =~ /^#/;
286 my ($host, $data) = $line =~ /^(\S+) (.*)$/;
288 print $tmp "$data\n" or die "print: $!";
290 my ($length, $hash) = ssh_fprint_file
"$tmp";
291 if ($length && $hash) {
292 ssh_fprint_check
"$host", $length, $hash;
294 warn "$host: warning: unparsable line\n";
301 my ($name,$passwd,$uid,$gid,
302 $quota,$comment,$gcos,$dir,$shell,$expire) = getpwnam($user);
304 warn "warning: user $user does not exist\n";
307 for my $name (qw
/authorized_keys authorized_keys2
308 known_hosts known_hosts2
309 id_rsa
.pub id_dsa
.pub identity
.pub
/) {
310 my $file = "$dir/.ssh/$name";
311 from_ssh_auth_file
$file if -r
$file;
315 sub from_user_all
() {
316 # This was one loop initially, but does not work with some Perl
320 while (my $name = getpwent) {
324 from_user
$_ for @names;
327 if (@ARGV && $ARGV[0] eq '-c') {
329 $db_file = shift @ARGV if @ARGV;
333 my $cmd = shift @ARGV;
334 if ($cmd eq 'file') {
335 for my $name (@ARGV) {
336 next if from_openvpn_key
$name;
337 from_ssh_auth_file
$name;
339 } elsif ($cmd eq 'host') {
341 } elsif ($cmd eq 'user') {
343 from_user
$_ for @ARGV;
347 } elsif ($cmd eq 'help') {
351 die "error: invalid command, use \"help\" to get help\n";