sntrup761x25519-sha512@openssh.com KEX is enabled since OpenSSH 8.9 and is not considered experimental anymore

2022-04-03 17:01:20 +00:00 · 2022-04-03 17:01:20 +00:00 · 3d0d88a9ed
commit 3d0d88a9ed
parent 1bd8e2b3af
2 changed files with 13 additions and 1 deletions
--- a/security/ssh-audit/Makefile
+++ b/security/ssh-audit/Makefile
@ -3,7 +3,7 @@ COMMENT =		ssh configuration security auditing tool
 MODPY_EGG_VERSION =	2.5.0

 DISTNAME =		ssh-audit-${MODPY_EGG_VERSION}
-REVISION =		0
+REVISION =		1

 CATEGORIES =		security

--- a/security/ssh-audit/patches/patch-src_ssh_audit_ssh2_kexdb_py
+++ b/security/ssh-audit/patches/patch-src_ssh_audit_ssh2_kexdb_py
@ -0,0 +1,12 @@
+Index: src/ssh_audit/ssh2_kexdb.py
+--- src/ssh_audit/ssh2_kexdb.py.orig
+++ src/ssh_audit/ssh2_kexdb.py
+@@ -121,7 +121,7 @@ class SSH2_KexDB:  # pylint: disable=too-few-public-me
+             'rsa1024-sha1': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]],
+             'rsa2048-sha256': [[]],
+             'sntrup4591761x25519-sha512@tinyssh.org': [['8.0', '8.4'], [], [WARN_EXPERIMENTAL]],
+-            'sntrup761x25519-sha512@openssh.com': [['8.5'], [], [WARN_EXPERIMENTAL]],
+            'sntrup761x25519-sha512@openssh.com': [['8.5'], [], []],
+             'kexAlgoCurve25519SHA256': [[]],
+             'Curve25519SHA256': [[]],
+             'ext-info-c': [[]],  # Extension negotiation (RFC 8308)