Audit OpenSSH private keys for passphrases

Timothy Rice 819e2476f2 Fix typo upholing -> upholding 3 سال پیش
.gitignore e93bf4c949 Initial commit 4 سال پیش
LICENSE e93bf4c949 Initial commit 4 سال پیش
Makefile e93bf4c949 Initial commit 4 سال پیش
README.md 819e2476f2 Fix typo upholing -> upholding 3 سال پیش
key_audit.c 6dfacf1f2c Check arguments 4 سال پیش

README.md

OpenSSH Key Auditor

Check whether OpenSSH private keys have a passphrase defined on them.

Motivation

In a shared user setting, it can be desirable to ensure that users are upholding the security of their OpenSSH private keys, by placing passphrases on them. Unfortunately, the OpenSSH command line tools do not offer any convenience methods for merely performing this check. Workarounds exist, but they are less elegant than simply validating an empty passphrase against a given keyfile.

The present program aims to fill this missing functionality.

Example Usage

$ key_audit /home/dummy/.ssh/id_ed25519 && echo good || echo bad
bad
$ grep -rli 'begin.*private key' /home/*/.ssh/ | while read k; do key_audit "$k" || printf "%s\n" "$k"; done
/home/dummy/.ssh/id_ed25519