jtesta
diff --git a/‎README.md
Lines changed: 1 addition & 0 deletions b/‎README.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/ssh_audit/ssh2_kexdb.py
Lines changed: 100 additions & 99 deletions b/‎src/ssh_audit/ssh2_kexdb.py
Lines changed: 100 additions & 99 deletions
diff --git a/‎test/docker/expected_results/dropbear_2019.78_test1.json
Lines changed: 34 additions & 8 deletions b/‎test/docker/expected_results/dropbear_2019.78_test1.json
Lines changed: 34 additions & 8 deletions
diff --git a/‎test/docker/expected_results/dropbear_2019.78_test1.txt
Lines changed: 16 additions & 6 deletions b/‎test/docker/expected_results/dropbear_2019.78_test1.txt
Lines changed: 16 additions & 6 deletions
diff --git a/‎test/docker/expected_results/openssh_4.0p1_test1.json
Lines changed: 8 additions & 1 deletion b/‎test/docker/expected_results/openssh_4.0p1_test1.json
Lines changed: 8 additions & 1 deletion
diff --git a/‎test/docker/expected_results/openssh_4.0p1_test1.txt
Lines changed: 3 additions & 0 deletions b/‎test/docker/expected_results/openssh_4.0p1_test1.txt
Lines changed: 3 additions & 0 deletions
diff --git a/‎test/docker/expected_results/openssh_5.6p1_test1.json
Lines changed: 11 additions & 1 deletion b/‎test/docker/expected_results/openssh_5.6p1_test1.json
Lines changed: 11 additions & 1 deletion
diff --git a/‎test/docker/expected_results/openssh_5.6p1_test1.txt
Lines changed: 4 additions & 0 deletions b/‎test/docker/expected_results/openssh_5.6p1_test1.txt
Lines changed: 4 additions & 0 deletions
diff --git a/‎test/docker/expected_results/openssh_5.6p1_test2.json
Lines changed: 11 additions & 1 deletion b/‎test/docker/expected_results/openssh_5.6p1_test2.json
Lines changed: 11 additions & 1 deletion
diff --git a/‎test/docker/expected_results/openssh_5.6p1_test2.txt
Lines changed: 4 additions & 0 deletions b/‎test/docker/expected_results/openssh_5.6p1_test2.txt
Lines changed: 4 additions & 0 deletions
diff --git a/‎test/docker/expected_results/openssh_5.6p1_test3.json
Lines changed: 11 additions & 1 deletion b/‎test/docker/expected_results/openssh_5.6p1_test3.json
Lines changed: 11 additions & 1 deletion
@@ -217,6 +217,7 @@ For convenience, a web front-end on top of the command-line tool is available at
 ## ChangeLog
 
 ### v3.4.0-dev
+ - Added warning to all key exchanges that do not include protections against quantum attacks due to the Harvest Now, Decrypt Later strategy (see https://en.wikipedia.org/wiki/Harvest_now,_decrypt_later).
  - Migrated from deprecated `getopt` module to `argparse`; partial credit [oam7575](https://github.com/oam7575).
 
 ### v3.3.0 (2024-10-15)
 
@@ -116,6 +116,9 @@
                 "info": [
                     "default key exchange from OpenSSH 7.4 to 8.9",
                     "available since OpenSSH 7.4, Dropbear SSH 2018.76"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -125,6 +128,9 @@
                 "info": [
                     "default key exchange from OpenSSH 6.5 to 7.3",
                     "available since OpenSSH 6.4, Dropbear SSH 2013.62"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -136,6 +142,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 5.7, Dropbear SSH 2013.62"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -147,6 +156,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 5.7, Dropbear SSH 2013.62"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -158,6 +170,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 5.7, Dropbear SSH 2013.62"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -168,7 +183,8 @@
                     "available since OpenSSH 7.3, Dropbear SSH 2016.73"
                 ],
                 "warn": [
-                    "2048-bit modulus only provides 112-bits of symmetric strength"
+                    "2048-bit modulus only provides 112-bits of symmetric strength",
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -182,7 +198,8 @@
                     "available since OpenSSH 3.9, Dropbear SSH 0.53"
                 ],
                 "warn": [
-                    "2048-bit modulus only provides 112-bits of symmetric strength"
+                    "2048-bit modulus only provides 112-bits of symmetric strength",
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -191,6 +208,9 @@
             "notes": {
                 "info": [
                     "available since Dropbear SSH 2013.57"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         }
@@ -349,12 +369,6 @@
                         "name": "twofish256-ctr",
                         "notes": ""
                     }
-                ],
-                "kex": [
-                    {
-                        "name": "diffie-hellman-group16-sha512",
-                        "notes": ""
-                    }
                 ]
             }
         },
@@ -371,9 +385,21 @@
                     }
                 ],
                 "kex": [
+                    {
+                        "name": "curve25519-sha256",
+                        "notes": ""
+                    },
+                    {
+                        "name": "[email protected]",
+                        "notes": ""
+                    },
                     {
                         "name": "diffie-hellman-group14-sha256",
                         "notes": ""
+                    },
+                    {
+                        "name": "[email protected]",
+                        "notes": ""
                     }
                 ],
                 "mac": [
 
@@ -5,22 +5,30 @@
 [0;32m(gen) compression: enabled ([email protected])[0m
 
 [0;36m# key exchange algorithms[0m
-[0;32m(kex) curve25519-sha256              -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76[0m
-[0;32m                                     `- [info] default key exchange from OpenSSH 7.4 to 8.9[0m
-[0;32m(kex) [email protected]   -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62[0m
-[0;32m                                     `- [info] default key exchange from OpenSSH 6.5 to 7.3[0m
+[0;33m(kex) curve25519-sha256              -- [warn] does not provide protection against post-quantum attacks[0m
+                                     `- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
+                                     `- [info] default key exchange from OpenSSH 7.4 to 8.9
+[0;33m(kex) [email protected]   -- [warn] does not provide protection against post-quantum attacks[0m
+                                     `- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62
+                                     `- [info] default key exchange from OpenSSH 6.5 to 7.3
 [0;31m(kex) ecdh-sha2-nistp521             -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency[0m
+[0;33m                                     `- [warn] does not provide protection against post-quantum attacks[0m
                                      `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
 [0;31m(kex) ecdh-sha2-nistp384             -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency[0m
+[0;33m                                     `- [warn] does not provide protection against post-quantum attacks[0m
                                      `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
 [0;31m(kex) ecdh-sha2-nistp256             -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency[0m
+[0;33m                                     `- [warn] does not provide protection against post-quantum attacks[0m
                                      `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
 [0;33m(kex) diffie-hellman-group14-sha256  -- [warn] 2048-bit modulus only provides 112-bits of symmetric strength[0m
+[0;33m                                     `- [warn] does not provide protection against post-quantum attacks[0m
                                      `- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
 [0;31m(kex) diffie-hellman-group14-sha1    -- [fail] using broken SHA-1 hash algorithm[0m
 [0;33m                                     `- [warn] 2048-bit modulus only provides 112-bits of symmetric strength[0m
+[0;33m                                     `- [warn] does not provide protection against post-quantum attacks[0m
                                      `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
-[0;32m(kex) [email protected]      -- [info] available since Dropbear SSH 2013.57[0m
+[0;33m(kex) [email protected]      -- [warn] does not provide protection against post-quantum attacks[0m
+                                     `- [info] available since Dropbear SSH 2013.57
 
 [0;36m# host-key algorithms[0m
 [0;31m(key) ecdsa-sha2-nistp256            -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency[0m
@@ -74,13 +82,15 @@
 [0;31m(rec) -hmac-sha1-96                  -- mac algorithm to remove [0m
 [0;31m(rec) -ssh-dss                       -- key algorithm to remove [0m
 [0;31m(rec) -ssh-rsa                       -- key algorithm to remove [0m
-[0;32m(rec) +diffie-hellman-group16-sha512 -- kex algorithm to append [0m
 [0;32m(rec) +twofish128-ctr                -- enc algorithm to append [0m
 [0;32m(rec) +twofish256-ctr                -- enc algorithm to append [0m
 [0;33m(rec) -aes128-cbc                    -- enc algorithm to remove [0m
 [0;33m(rec) -aes256-cbc                    -- enc algorithm to remove [0m
+[0;33m(rec) -curve25519-sha256             -- kex algorithm to remove [0m
+[0;33m(rec) [email protected]  -- kex algorithm to remove [0m
 [0;33m(rec) -diffie-hellman-group14-sha256 -- kex algorithm to remove [0m
 [0;33m(rec) -hmac-sha2-256                 -- mac algorithm to remove [0m
+[0;33m(rec) [email protected]     -- kex algorithm to remove [0m
 
 [0;36m# additional info[0m
 [0;33m(nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>[0m
 
@@ -173,6 +173,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 2.3.0"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -186,7 +189,8 @@
                     "available since OpenSSH 3.9, Dropbear SSH 0.53"
                 ],
                 "warn": [
-                    "2048-bit modulus only provides 112-bits of symmetric strength"
+                    "2048-bit modulus only provides 112-bits of symmetric strength",
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -201,6 +205,9 @@
                 "info": [
                     "removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9",
                     "available since OpenSSH 2.3.0, Dropbear SSH 0.28"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         }
 
@@ -10,13 +10,16 @@
 
 [0;36m# key exchange algorithms[0m
 [0;31m(kex) diffie-hellman-group-exchange-sha1 (1024-bit) -- [fail] using small 1024-bit modulus[0m
+[0;33m                                                    `- [warn] does not provide protection against post-quantum attacks[0m
                                                     `- [info] available since OpenSSH 2.3.0
 [0;31m(kex) diffie-hellman-group14-sha1         -- [fail] using broken SHA-1 hash algorithm[0m
 [0;33m                                          `- [warn] 2048-bit modulus only provides 112-bits of symmetric strength[0m
+[0;33m                                          `- [warn] does not provide protection against post-quantum attacks[0m
                                           `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
 [0;31m(kex) diffie-hellman-group1-sha1          -- [fail] using small 1024-bit modulus[0m
 [0;31m                                          `- [fail] vulnerable to the Logjam attack: https://en.wikipedia.org/wiki/Logjam_(computer_security)[0m
 [0;31m                                          `- [fail] using broken SHA-1 hash algorithm[0m
+[0;33m                                          `- [warn] does not provide protection against post-quantum attacks[0m
                                           `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
                                           `- [info] removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9
 
 
@@ -195,6 +195,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 4.4"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -207,6 +210,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 2.3.0"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -220,7 +226,8 @@
                     "available since OpenSSH 3.9, Dropbear SSH 0.53"
                 ],
                 "warn": [
-                    "2048-bit modulus only provides 112-bits of symmetric strength"
+                    "2048-bit modulus only provides 112-bits of symmetric strength",
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -235,6 +242,9 @@
                 "info": [
                     "removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9",
                     "available since OpenSSH 2.3.0, Dropbear SSH 0.28"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         }
 
@@ -6,15 +6,19 @@
 
 [0;36m# key exchange algorithms[0m
 [0;31m(kex) diffie-hellman-group-exchange-sha256 (1024-bit) -- [fail] using small 1024-bit modulus[0m
+[0;33m                                                      `- [warn] does not provide protection against post-quantum attacks[0m
                                                       `- [info] available since OpenSSH 4.4
 [0;31m(kex) diffie-hellman-group-exchange-sha1 (1024-bit) -- [fail] using small 1024-bit modulus[0m
+[0;33m                                                    `- [warn] does not provide protection against post-quantum attacks[0m
                                                     `- [info] available since OpenSSH 2.3.0
 [0;31m(kex) diffie-hellman-group14-sha1           -- [fail] using broken SHA-1 hash algorithm[0m
 [0;33m                                            `- [warn] 2048-bit modulus only provides 112-bits of symmetric strength[0m
+[0;33m                                            `- [warn] does not provide protection against post-quantum attacks[0m
                                             `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
 [0;31m(kex) diffie-hellman-group1-sha1            -- [fail] using small 1024-bit modulus[0m
 [0;31m                                            `- [fail] vulnerable to the Logjam attack: https://en.wikipedia.org/wiki/Logjam_(computer_security)[0m
 [0;31m                                            `- [fail] using broken SHA-1 hash algorithm[0m
+[0;33m                                            `- [warn] does not provide protection against post-quantum attacks[0m
                                             `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
                                             `- [info] removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9
 
 
@@ -185,6 +185,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 4.4"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -197,6 +200,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 2.3.0"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -210,7 +216,8 @@
                     "available since OpenSSH 3.9, Dropbear SSH 0.53"
                 ],
                 "warn": [
-                    "2048-bit modulus only provides 112-bits of symmetric strength"
+                    "2048-bit modulus only provides 112-bits of symmetric strength",
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -225,6 +232,9 @@
                 "info": [
                     "removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9",
                     "available since OpenSSH 2.3.0, Dropbear SSH 0.28"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         }
 
@@ -6,15 +6,19 @@
 
 [0;36m# key exchange algorithms[0m
 [0;31m(kex) diffie-hellman-group-exchange-sha256 (1024-bit) -- [fail] using small 1024-bit modulus[0m
+[0;33m                                                      `- [warn] does not provide protection against post-quantum attacks[0m
                                                       `- [info] available since OpenSSH 4.4
 [0;31m(kex) diffie-hellman-group-exchange-sha1 (1024-bit) -- [fail] using small 1024-bit modulus[0m
+[0;33m                                                    `- [warn] does not provide protection against post-quantum attacks[0m
                                                     `- [info] available since OpenSSH 2.3.0
 [0;31m(kex) diffie-hellman-group14-sha1           -- [fail] using broken SHA-1 hash algorithm[0m
 [0;33m                                            `- [warn] 2048-bit modulus only provides 112-bits of symmetric strength[0m
+[0;33m                                            `- [warn] does not provide protection against post-quantum attacks[0m
                                             `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
 [0;31m(kex) diffie-hellman-group1-sha1            -- [fail] using small 1024-bit modulus[0m
 [0;31m                                            `- [fail] vulnerable to the Logjam attack: https://en.wikipedia.org/wiki/Logjam_(computer_security)[0m
 [0;31m                                            `- [fail] using broken SHA-1 hash algorithm[0m
+[0;33m                                            `- [warn] does not provide protection against post-quantum attacks[0m
                                             `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
                                             `- [info] removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9
 
 
@@ -185,6 +185,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 4.4"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -197,6 +200,9 @@
                 ],
                 "info": [
                     "available since OpenSSH 2.3.0"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -210,7 +216,8 @@
                     "available since OpenSSH 3.9, Dropbear SSH 0.53"
                 ],
                 "warn": [
-                    "2048-bit modulus only provides 112-bits of symmetric strength"
+                    "2048-bit modulus only provides 112-bits of symmetric strength",
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         },
@@ -225,6 +232,9 @@
                 "info": [
                     "removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9",
                     "available since OpenSSH 2.3.0, Dropbear SSH 0.28"
+                ],
+                "warn": [
+                    "does not provide protection against post-quantum attacks"
                 ]
             }
         }
Original file line number	Diff line number	Diff line change
`@@ -116,6 +116,9 @@`
`116`	`116`	`"info": [`
`117`	`117`	`"default key exchange from OpenSSH 7.4 to 8.9",`
`118`	`118`	`"available since OpenSSH 7.4, Dropbear SSH 2018.76"`
	`119`	`+ ],`
	`120`	`+ "warn": [`
	`121`	`+ "does not provide protection against post-quantum attacks"`
`119`	`122`	`]`
`120`	`123`	`}`
`121`	`124`	`},`
`@@ -125,6 +128,9 @@`
`125`	`128`	`"info": [`
`126`	`129`	`"default key exchange from OpenSSH 6.5 to 7.3",`
`127`	`130`	`"available since OpenSSH 6.4, Dropbear SSH 2013.62"`
	`131`	`+ ],`
	`132`	`+ "warn": [`
	`133`	`+ "does not provide protection against post-quantum attacks"`
`128`	`134`	`]`
`129`	`135`	`}`
`130`	`136`	`},`
`@@ -136,6 +142,9 @@`
`136`	`142`	`],`
`137`	`143`	`"info": [`
`138`	`144`	`"available since OpenSSH 5.7, Dropbear SSH 2013.62"`
	`145`	`+ ],`
	`146`	`+ "warn": [`
	`147`	`+ "does not provide protection against post-quantum attacks"`
`139`	`148`	`]`
`140`	`149`	`}`
`141`	`150`	`},`
`@@ -147,6 +156,9 @@`
`147`	`156`	`],`
`148`	`157`	`"info": [`
`149`	`158`	`"available since OpenSSH 5.7, Dropbear SSH 2013.62"`
	`159`	`+ ],`
	`160`	`+ "warn": [`
	`161`	`+ "does not provide protection against post-quantum attacks"`
`150`	`162`	`]`
`151`	`163`	`}`
`152`	`164`	`},`
`@@ -158,6 +170,9 @@`
`158`	`170`	`],`
`159`	`171`	`"info": [`
`160`	`172`	`"available since OpenSSH 5.7, Dropbear SSH 2013.62"`
	`173`	`+ ],`
	`174`	`+ "warn": [`
	`175`	`+ "does not provide protection against post-quantum attacks"`
`161`	`176`	`]`
`162`	`177`	`}`
`163`	`178`	`},`
`@@ -168,7 +183,8 @@`
`168`	`183`	`"available since OpenSSH 7.3, Dropbear SSH 2016.73"`
`169`	`184`	`],`
`170`	`185`	`"warn": [`
`171`		`- "2048-bit modulus only provides 112-bits of symmetric strength"`
	`186`	`+ "2048-bit modulus only provides 112-bits of symmetric strength",`
	`187`	`+ "does not provide protection against post-quantum attacks"`
`172`	`188`	`]`
`173`	`189`	`}`
`174`	`190`	`},`
`@@ -182,7 +198,8 @@`
`182`	`198`	`"available since OpenSSH 3.9, Dropbear SSH 0.53"`
`183`	`199`	`],`
`184`	`200`	`"warn": [`
`185`		`- "2048-bit modulus only provides 112-bits of symmetric strength"`
	`201`	`+ "2048-bit modulus only provides 112-bits of symmetric strength",`
	`202`	`+ "does not provide protection against post-quantum attacks"`
`186`	`203`	`]`
`187`	`204`	`}`
`188`	`205`	`},`
`@@ -191,6 +208,9 @@`
`191`	`208`	`"notes": {`
`192`	`209`	`"info": [`
`193`	`210`	`"available since Dropbear SSH 2013.57"`
	`211`	`+ ],`
	`212`	`+ "warn": [`
	`213`	`+ "does not provide protection against post-quantum attacks"`
`194`	`214`	`]`
`195`	`215`	`}`
`196`	`216`	`}`
`@@ -349,12 +369,6 @@`
`349`	`369`	`"name": "twofish256-ctr",`
`350`	`370`	`"notes": ""`
`351`	`371`	`}`
`352`		`- ],`
`353`		`- "kex": [`
`354`		`- {`
`355`		`- "name": "diffie-hellman-group16-sha512",`
`356`		`- "notes": ""`
`357`		`- }`
`358`	`372`	`]`
`359`	`373`	`}`
`360`	`374`	`},`
`@@ -371,9 +385,21 @@`
`371`	`385`	`}`
`372`	`386`	`],`
`373`	`387`	`"kex": [`
	`388`	`+ {`
	`389`	`+ "name": "curve25519-sha256",`
	`390`	`+ "notes": ""`
	`391`	`+ },`
	`392`	`+ {`
	`393`	`+ "name": "[email protected]",`
	`394`	`+ "notes": ""`
	`395`	`+ },`
`374`	`396`	`{`
`375`	`397`	`"name": "diffie-hellman-group14-sha256",`
`376`	`398`	`"notes": ""`
	`399`	`+ },`
	`400`	`+ {`
	`401`	`+ "name": "[email protected]",`
	`402`	`+ "notes": ""`
`377`	`403`	`}`
`378`	`404`	`],`
`379`	`405`	`"mac": [`
Original file line number	Diff line number	Diff line change
`@@ -173,6 +173,9 @@`
`173`	`173`	`],`
`174`	`174`	`"info": [`
`175`	`175`	`"available since OpenSSH 2.3.0"`
	`176`	`+ ],`
	`177`	`+ "warn": [`
	`178`	`+ "does not provide protection against post-quantum attacks"`
`176`	`179`	`]`
`177`	`180`	`}`
`178`	`181`	`},`
`@@ -186,7 +189,8 @@`
`186`	`189`	`"available since OpenSSH 3.9, Dropbear SSH 0.53"`
`187`	`190`	`],`
`188`	`191`	`"warn": [`
`189`		`- "2048-bit modulus only provides 112-bits of symmetric strength"`
	`192`	`+ "2048-bit modulus only provides 112-bits of symmetric strength",`
	`193`	`+ "does not provide protection against post-quantum attacks"`
`190`	`194`	`]`
`191`	`195`	`}`
`192`	`196`	`},`
`@@ -201,6 +205,9 @@`
`201`	`205`	`"info": [`
`202`	`206`	`"removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9",`
`203`	`207`	`"available since OpenSSH 2.3.0, Dropbear SSH 0.28"`
	`208`	`+ ],`
	`209`	`+ "warn": [`
	`210`	`+ "does not provide protection against post-quantum attacks"`
`204`	`211`	`]`
`205`	`212`	`}`
`206`	`213`	`}`
Original file line number	Diff line number	Diff line change
`@@ -195,6 +195,9 @@`
`195`	`195`	`],`
`196`	`196`	`"info": [`
`197`	`197`	`"available since OpenSSH 4.4"`
	`198`	`+ ],`
	`199`	`+ "warn": [`
	`200`	`+ "does not provide protection against post-quantum attacks"`
`198`	`201`	`]`
`199`	`202`	`}`
`200`	`203`	`},`
`@@ -207,6 +210,9 @@`
`207`	`210`	`],`
`208`	`211`	`"info": [`
`209`	`212`	`"available since OpenSSH 2.3.0"`
	`213`	`+ ],`
	`214`	`+ "warn": [`
	`215`	`+ "does not provide protection against post-quantum attacks"`
`210`	`216`	`]`
`211`	`217`	`}`
`212`	`218`	`},`
`@@ -220,7 +226,8 @@`
`220`	`226`	`"available since OpenSSH 3.9, Dropbear SSH 0.53"`
`221`	`227`	`],`
`222`	`228`	`"warn": [`
`223`		`- "2048-bit modulus only provides 112-bits of symmetric strength"`
	`229`	`+ "2048-bit modulus only provides 112-bits of symmetric strength",`
	`230`	`+ "does not provide protection against post-quantum attacks"`
`224`	`231`	`]`
`225`	`232`	`}`
`226`	`233`	`},`
`@@ -235,6 +242,9 @@`
`235`	`242`	`"info": [`
`236`	`243`	`"removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9",`
`237`	`244`	`"available since OpenSSH 2.3.0, Dropbear SSH 0.28"`
	`245`	`+ ],`
	`246`	`+ "warn": [`
	`247`	`+ "does not provide protection against post-quantum attacks"`
`238`	`248`	`]`
`239`	`249`	`}`
`240`	`250`	`}`
Original file line number	Diff line number	Diff line change
`@@ -185,6 +185,9 @@`
`185`	`185`	`],`
`186`	`186`	`"info": [`
`187`	`187`	`"available since OpenSSH 4.4"`
	`188`	`+ ],`
	`189`	`+ "warn": [`
	`190`	`+ "does not provide protection against post-quantum attacks"`
`188`	`191`	`]`
`189`	`192`	`}`
`190`	`193`	`},`
`@@ -197,6 +200,9 @@`
`197`	`200`	`],`
`198`	`201`	`"info": [`
`199`	`202`	`"available since OpenSSH 2.3.0"`
	`203`	`+ ],`
	`204`	`+ "warn": [`
	`205`	`+ "does not provide protection against post-quantum attacks"`
`200`	`206`	`]`
`201`	`207`	`}`
`202`	`208`	`},`
`@@ -210,7 +216,8 @@`
`210`	`216`	`"available since OpenSSH 3.9, Dropbear SSH 0.53"`
`211`	`217`	`],`
`212`	`218`	`"warn": [`
`213`		`- "2048-bit modulus only provides 112-bits of symmetric strength"`
	`219`	`+ "2048-bit modulus only provides 112-bits of symmetric strength",`
	`220`	`+ "does not provide protection against post-quantum attacks"`
`214`	`221`	`]`
`215`	`222`	`}`
`216`	`223`	`},`
`@@ -225,6 +232,9 @@`
`225`	`232`	`"info": [`
`226`	`233`	`"removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9",`
`227`	`234`	`"available since OpenSSH 2.3.0, Dropbear SSH 0.28"`
	`235`	`+ ],`
	`236`	`+ "warn": [`
	`237`	`+ "does not provide protection against post-quantum attacks"`
`228`	`238`	`]`
`229`	`239`	`}`
`230`	`240`	`}`