Skip to content

I suggest you ...

← General

Add SSH leaked keys

We believe the future of credentials checking goes beyond just password, and integrating SSH key checking would add lots of value to www.haveibeenwned.com.
SSH keys are also sensitive credentials that are increasingly exploited by attackers in our research findings. We are willing to share our up-to-date SSH leaked key database with www.haveibeenwned.com.

102 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Y W shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Archit Patke commented  ·   ·  Report

    That's a good suggestion. We definitely need a public database of leaked SSH keys.

  • Haoran Qiu commented  ·   ·  Report

    Great idea! Sensitive credentials like SSH keys should be taken good care of.

  • Jack Cui commented  ·   ·  Report

    Agreed. Leaked keys are an essential issue that would lead to trenmendous loss for companies or enterprises if not discovered in time.

  • HA commented  ·   ·  Report

    This is a very timely idea. Today, an exposed SSH public key in Fortinet SIEM allows admin access to the security events system -- referred as CVE-2019-17659.

General

Categories

Feedback and Knowledge Base

(thinking…)