Class: SSHScan::Tests::DnsKeyVerification

Inherits:
Object
  • Object
show all
Defined in:
lib/ssh_scan/tests/test_dns_key_verification.rb

Instance Method Summary collapse

Constructor Details

#initialize(result) ⇒ DnsKeyVerification

Returns a new instance of DnsKeyVerification.



4
5
6
 
# File 'lib/ssh_scan/tests/test_dns_key_verification.rb', line 4

def initialize(result)
  @result = result
end

Instance Method Details

#fail_descriptionObject 



26
27
28
29
30
31
32
 
# File 'lib/ssh_scan/tests/test_dns_key_verification.rb', line 26

def fail_description
  if pass?
    ""
  else
    "One or more of the keys offered by the SSH service were not able to be verified using an SSHFS record"
  end
end

#pass?Boolean

Returns:

  • (Boolean) 


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
# File 'lib/ssh_scan/tests/test_dns_key_verification.rb', line 8

def pass?
  @result.keys.each do |key,value|
    valid = false

    @result.dns_keys.each do |dns_key|
      if key == dns_key["algo"] &&
         value["fingerprints"].values.include?(dns_key["hex"])
        valid = true
      end
    end

    # This means we fail any key that's offered that's not verifiable via information from DNS
    return false unless valid == true
  end

  return true
end

#score_deductionObject 



34
35
36
37
38
39
40
 
# File 'lib/ssh_scan/tests/test_dns_key_verification.rb', line 34

def score_deduction
  if pass?
    0
  else
    -5
  end
end