Audit OpenSSH private keys for passphrases

Timothy Rice 819e2476f2 Fix typo upholing -> upholding 3 tahun lalu
.gitignore e93bf4c949 Initial commit 4 tahun lalu
LICENSE e93bf4c949 Initial commit 4 tahun lalu
Makefile e93bf4c949 Initial commit 4 tahun lalu
README.md 819e2476f2 Fix typo upholing -> upholding 3 tahun lalu
key_audit.c 6dfacf1f2c Check arguments 4 tahun lalu

README.md

OpenSSH Key Auditor

Check whether OpenSSH private keys have a passphrase defined on them.

Motivation

In a shared user setting, it can be desirable to ensure that users are upholding the security of their OpenSSH private keys, by placing passphrases on them. Unfortunately, the OpenSSH command line tools do not offer any convenience methods for merely performing this check. Workarounds exist, but they are less elegant than simply validating an empty passphrase against a given keyfile.

The present program aims to fill this missing functionality.

Example Usage

$ key_audit /home/dummy/.ssh/id_ed25519 && echo good || echo bad
bad
$ grep -rli 'begin.*private key' /home/*/.ssh/ | while read k; do key_audit "$k" || printf "%s\n" "$k"; done
/home/dummy/.ssh/id_ed25519