SSH-Checker

This tool connects to a Gitlab instance and then uses Badkeys to check the SSH-keys of all users.

Setup

Install dependencies: pip install -r requirements.txt
Install / update the Badkeys banlist: badkeys --update-bl
Create a .env file and set these two variables:
- GITLAB_HOST: The URL of your Gitlab instance
- GITLAB_TOKEN: A Gitlab "Personal Access Token" that has at least the permission user_read
This tool does not require admin permissions on the tested Gitlab instance.

Run the SSH-Checker with python ssh_checker.py
The tool will use the provided access token to retrieve all users from Gitlab.
You will be asked to specify a start- and end-index within the user-list. This is necessary because Gitlab might not allow to fetch the keys of all users within one run of this script due to rate limiting.
For each user in the interval, the tool will fetch all SSH-keys of that user from Gitlab.
Then, we use Badkeys to check each key. This works locally, no API calls to Badkeys are necessary for this.
If Badkeys finds problems with a key, we output that information and write it to a csv file.
Finally, we print the distribution of key-types.

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
gitlab_connector.py		gitlab_connector.py
requirements.txt		requirements.txt
ssh_checker.py		ssh_checker.py