MCPcopy
hub / github.com/jtesta/ssh-audit / get_algorithm_recommendations

Function get_algorithm_recommendations

src/ssh_audit/ssh_audit.py:718–764  ·  view source on GitHub ↗

Returns the algorithm recommendations.

(algs: Optional[Algorithms], algorithm_recommendation_suppress_list: Optional[List[str]], software: Optional[Software], for_server: bool = True)

Source from the content-addressed store, hash-verified

716
717
718def get_algorithm_recommendations(algs: Optional[Algorithms], algorithm_recommendation_suppress_list: Optional[List[str]], software: Optional[Software], for_server: bool = True) -> Dict[str, Any]:
719 '''Returns the algorithm recommendations.'''
720 ret: Dict[str, Any] = {}
721
722 if algs is None or software is None:
723 return ret
724
725 software, alg_rec = algs.get_recommendations(software, for_server)
726 for sshv in range(2, 0, -1):
727 if sshv not in alg_rec:
728 continue
729 for alg_type in ['kex', 'key', 'enc', 'mac']:
730 if alg_type not in alg_rec[sshv]:
731 continue
732 for action in ['del', 'add', 'chg']:
733 if action not in alg_rec[sshv][alg_type]:
734 continue
735
736 for name in alg_rec[sshv][alg_type][action]:
737
738 # If this algorithm should be suppressed, skip it.
739 if algorithm_recommendation_suppress_list is not None and name in algorithm_recommendation_suppress_list:
740 continue
741
742 level = 'informational'
743 points = alg_rec[sshv][alg_type][action][name]
744 if points >= 10:
745 level = 'critical'
746 elif points >= 1:
747 level = 'warning'
748
749 if level not in ret:
750 ret[level] = {}
751
752 if action not in ret[level]:
753 ret[level][action] = {}
754
755 if alg_type not in ret[level][action]:
756 ret[level][action][alg_type] = []
757
758 notes = ''
759 if action == 'chg':
760 notes = 'increase modulus size to 3072 bits or larger'
761
762 ret[level][action][alg_type].append({'name': name, 'notes': notes})
763
764 return ret
765
766
767def list_policies(out: OutputBuffer, verbose: bool) -> None:

Callers 2

output_recommendationsFunction · 0.85
build_structFunction · 0.85

Calls 1

get_recommendationsMethod · 0.80

Tested by

no test coverage detected