For i still don't know any public check for weak SSL-Certs and SSH-Keys, i set up two checks for weak ssh- and ssl-keys, implementing the most common blacklists.
http://serversniff.net/sslcert.php and http://serversniff.net/sshreport.php Maybe this is helping those not able to cope with the currently available shellscripts to check their infrastructure for the flaw. tom _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
