Audit OpenSSH private keys for passphrases

Timothy Rice 819e2476f2 Fix typo upholing -> upholding пре 3 година
.gitignore e93bf4c949 Initial commit пре 4 година
LICENSE e93bf4c949 Initial commit пре 4 година
Makefile e93bf4c949 Initial commit пре 4 година
README.md 819e2476f2 Fix typo upholing -> upholding пре 3 година
key_audit.c 6dfacf1f2c Check arguments пре 4 година

README.md

OpenSSH Key Auditor

Check whether OpenSSH private keys have a passphrase defined on them.

Motivation

In a shared user setting, it can be desirable to ensure that users are upholding the security of their OpenSSH private keys, by placing passphrases on them. Unfortunately, the OpenSSH command line tools do not offer any convenience methods for merely performing this check. Workarounds exist, but they are less elegant than simply validating an empty passphrase against a given keyfile.

The present program aims to fill this missing functionality.

Example Usage

$ key_audit /home/dummy/.ssh/id_ed25519 && echo good || echo bad
bad
$ grep -rli 'begin.*private key' /home/*/.ssh/ | while read k; do key_audit "$k" || printf "%s\n" "$k"; done
/home/dummy/.ssh/id_ed25519