Friday, June 10, 2011

Cracking Password-Protected SSH Keys with John the Ripper

I have just found this announcement sent by Solar Designer from the Openwall Project.

It seems that they have added support to crack password-protected SSH private keys:

This community-enhanced release integrates preliminary support for several non-hashes, implemented under Dhiru Kholia's GSoC 2011 project. Specifically, it supports cracking of OpenSSH's passphrase-protected SSH protocol 2 private keys, password-protected PDF files with 40-bit and 128-bit RC4 encryption, and some password-protected RAR archives.

Yes, Dhiru's SSH key cracker includes OpenMP parallelization. There's a limitation, though: this requires OpenSSL 1.0.0 or newer, for thread-safety of the interfaces being used. When building or running with older versions of OpenSSL, OpenMP parallelization in the SSH cracker is automatically disabled. (You can always use MPI instead.)

No comments:

Post a Comment