Checking private keys for empty passphrases / cracking passphrases on
From: Ed Voncken (vonckene@asa-ehv.ce.philips.com)Date: 03/18/02
- Next message: dxcreepin: "openssh and tunneling CDE"
- Previous message: Neil W Rickert: "Re: best setup for host changing IPs?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 18 Mar 2002 14:48:40 +0100 From: Ed Voncken <vonckene@asa-ehv.ce.philips.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hello,
We are busy implementing OpenSSH for most of our Sun Solaris 8
infrastructure. So far, the software is runnning just fine and people
are getting used to the advantages of ssh-agent with keys.
For auditing purposes, I would like to detect keys with empty
passphrases and report them to Security.
Ideally, I would like to run something like 'crack' against private keys
and see if they use a weak passphrase.
Has any of this ever been done? Google and the OpenSSH and Snailbook
FAQs did not provide any pointers.
Any help is appreciated.
-- Greetings, Ed Voncken Remove all SPAM to reply...** Not speaking on behalf of current or any previous employer **
- Next message: dxcreepin: "openssh and tunneling CDE"
- Previous message: Neil W Rickert: "Re: best setup for host changing IPs?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
