GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → benjojo → ssh-key-confirmer

benjojo / ssh-key-confirmer

Licence: MIT License
Test ssh login key acceptance without having the private key

Programming Languages

go
31211 projects - #10 most used programming language
Makefile
30231 projects

ssh-key-confirmer

This confirms if a SSH public key is listed as a authorized_key on a system

Usage

$ ssh-key-confirmer -i ./id_rsa.pub [email protected]
Key is present on user+server
$ ssh-key-confirmer -i ./id_ed25519.pub ben@localhost
Key not found on user+server

How does this work

If you ssh with verbose mode enabled, you can see that the way ssh works is that you offer a key to a server, and it will respond back if it accepts or not (and then you provide a signed copy of a shared session secret as proof you own the key)

$ ssh -v -i id_ed25519 localhost
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /home/ben/.ssh/config
...
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
...
debug1: Authenticating to localhost:22 as 'ben'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
...
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: cardno:000605032939 RSA SHA256:CtGA1RT0bAOd06HHIRQTB9reCED/SrD2MGfS8MUEd6Q agent
debug1: Authentications that can continue: publickey,password
>>>>>> debug1: Offering public key: id_ed25519 ED25519 SHA256:Wml16ewzvx7SBMLmFkvVxZBiwN5lAcFm6nuLJF2rKYY explicit <<<<<<
>>>>>> debug1: Server accepts key: id_ed25519 ED25519 SHA256:Wml16ewzvx7SBMLmFkvVxZBiwN5lAcFm6nuLJF2rKYY explicit  <<<<<<
debug1: Authentication succeeded (publickey).
Authenticated to localhost ([127.0.0.1]:22).
...
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.10.26-2fast2benjojo x86_64)

This tool simply offers the key, and if it's accepted it will confirm that key exists, a server could be configured to accept every possible key. There is an attempt to detect when this is happening.

How do I know this is being done to me?

You will get [preauth] disconnections, though a lot of other things can cause that too so... /shrug

Connection closed by authenticating user ben 127.0.0.1 port 59566 [preauth]

That's a janky name

Well, ssh-keyscan was taken, and I'm pretty sure i've seen a ssh-check-key somewhere.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].