I know how to check Unix and Windows passwords for quality - John the Ripper is quite an encompassing tool (http://www.openwall.com/john/).
I now need to check ssh2 and openssh private keys for policy compliance - do they have a password, and is it nontrivial? Which tool am I going to use? Kristian _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
