This template checks for a pattern in provided files.
id: ssh-public-key info: name: SSH Public Key Detect author: pd-team severity: low file: - extensions: - pub max-size: 1024 # read very small chunks matchers: - type: word words: - "ssh-rsa"
The below template is same as last one, but it makes use of an extension denylist along with the no-recursive option.
id: ssh-private-key info: name: SSH Private Key Detect author: pd-team severity: high file: - extensions: - all denylist: - pub no-recursive: true max-size: 1024 # read very small chunks matchers: - type: word words: - "BEGIN OPENSSH PRIVATE KEY" - "BEGIN PRIVATE KEY" - "BEGIN RSA PRIVATE KEY" - "BEGIN DSA PRIVATE KEY" - "BEGIN EC PRIVATE KEY" - "BEGIN PGP PRIVATE KEY BLOCK" - "ssh-rsa"
Was this page helpful?
