bom-examples

Create SSH CBOM example

Open stevespringett opened this issue 2 months ago • 1 comment

From a Slack discussion:

SSH keys, SSH config, KeyStores, SSH certificates and x509 context.

https://cyclonedx.slack.com/archives/C05E2FLUTNH/p1760515550499579

stevespringett avatar Oct 16 '25 13:10 stevespringett

As part of the inventory of certain SSH keys, the following requirements should be considered important attributes.

Key name: A name given to the key based on the comments and its fingerprint

Key UUID: A universally unique identifier to identify an SSH key

Key type: Private or public

Key path: Complete path of the key files

Key permissions: Permissions associated with the key

Format: RFC 4716

Key description: If possible, provide a more complete description of the key with, for example, "SSH key – user: john.doe – SHA256:a6w8tg145"

Key creation date: Key file creation date

Key first discovery: Date of first discovery

Key last discovery: Date of last discovery

Key hash: Hash / fingerprint of a key

Key length: The length of the key

Key purpose description: Examples: connecting to remote servers, person-to-machine, machine-to-machine, machine-to-machine secure file transfers (with authentication between services), port forwarding, automated tasks (such as CI/CD), tunneling and port-forwarding automated transfers.

Association / key configuration option: Options restricting or customizing key usage, for example specification of authorized IP ranges, a restricted command option, or port forwarding

Location / environment where the key is detected:

  • Client operating system: Linux, Windows and macOS
  • Server operating system: Linux and Windows
  • Network equipment: routers, switches, firewalls
  • Virtualization and cloud: virtual machines, containers, cloud administration

User or account: User or account associated with the SSH key

Network flows: Scan SSH server/client logs to associate the network flows on which the SSH key was used

Signature algorithm type: The type of algorithm associated with the key. Complete list of supported algorithms:

  • rsa-sha2-256
  • rsa-sha2-512
  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521
  • ssh-ed25519
  • ssh-dss
  • ssh-rsa

akrogames avatar Oct 16 '25 14:10 akrogames
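The attribute list above is close to what an inventory collector has to extract from each key it finds. The script below is an added example, not code from the bom-examples repository or from the CycloneDX project: it parses a single-line OpenSSH public key (an `authorized_keys` or `.pub` line, including any leading options such as `from=` or `command=`), derives the key type, algorithm, length, `SHA256:` fingerprint as `ssh-keygen -l` prints it, restriction options, file path and permissions, and returns them as a plain Python dict. The record's field names (`keyName`, `restrictions`, `groupOrWorldReadable`, and so on) are this example's own and are not a validated CycloneDX CBOM layout; the sample key lines are constructed from made-up numbers, not real key material.

```python
"""Added example (not from bom-examples or CycloneDX): inventory record for an
OpenSSH public key line (authorized_keys or .pub), covering the attributes
above: type, algorithm, length, SHA256 fingerprint, restriction options,
path and permissions. The record layout is this example's own, not a
validated CycloneDX CBOM."""
import base64, hashlib, os, re, stat, struct, tempfile

KEY_TYPE_RE = re.compile(
    r"(?:^|\s)(ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-nistp(?:256|384|521))"
    r"\s+([A-Za-z0-9+/=]+)(?:\s+(\S.*))?$")

# SSH wire format (RFC 4251): a string is a 4-byte big-endian length plus
# bytes; an mpint is a string holding a two's-complement big-endian integer.
def _ssh_string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b

def _ssh_mpint(n: int) -> bytes:
    # One extra byte keeps the top bit clear so the value reads as positive.
    return _ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big"))

def _read_strings(blob: bytes) -> list:
    """Split a public key blob into its successive string fields."""
    fields, off = [], 0
    while off < len(blob):
        (n,) = struct.unpack(">I", blob[off:off + 4])
        fields.append(blob[off + 4:off + 4 + n])
        off += 4 + n
    return fields

def fingerprint_sha256(blob: bytes) -> str:
    """Same form as `ssh-keygen -l` prints: SHA256 digest, unpadded base64."""
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
    return "SHA256:" + digest.rstrip("=")

def key_bits(key_type: str, key_fields: list) -> int:
    """Key length as ssh-keygen reports it (fields follow the type string)."""
    if key_type == "ssh-rsa":                      # e, n
        return int.from_bytes(key_fields[1], "big").bit_length()
    if key_type == "ssh-dss":                      # p, q, g, y
        return int.from_bytes(key_fields[0], "big").bit_length()
    if key_type.startswith("ecdsa-sha2-nistp"):    # curve size is in the name
        return int(key_type[len("ecdsa-sha2-nistp"):])
    if key_type == "ssh-ed25519":
        return 256
    raise ValueError(f"unsupported key type {key_type}")

def parse_public_key_line(line: str) -> dict:
    """Inventory record for one OpenSSH public key line, options included."""
    text = line.strip()
    m = KEY_TYPE_RE.search(text)
    if not m:
        raise ValueError("not an OpenSSH public key line")
    key_type, b64, comment = m.group(1), m.group(2), m.group(3) or ""
    blob = base64.b64decode(b64)
    fields = _read_strings(blob)
    if fields[0] != key_type.encode():
        raise ValueError("key type token does not match the key blob")
    # Options such as from="a,b",command="..." may hold commas inside quotes.
    restrictions = {}
    for opt in re.findall(r'(?:[^,"]|"[^"]*")+', text[:m.start(1)].strip()):
        name, _, value = opt.partition("=")
        restrictions[name] = value.strip('"') if value else True
    fp = fingerprint_sha256(blob)
    return {"keyName": f"{comment or 'unnamed'} {fp}", "keyType": "public",
            "algorithm": key_type, "length": key_bits(key_type, fields[1:]),
            # single-line OpenSSH form; RFC 4716 is the separate
            # "---- BEGIN SSH2 PUBLIC KEY ----" container format
            "format": "openssh", "fingerprint": fp, "comment": comment,
            "restrictions": restrictions}

def inventory_file(path: str) -> dict:
    """Add path and permission attributes for a key file on disk."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    with open(path) as fh:
        record = parse_public_key_line(fh.readline())
    record.update({"path": os.path.abspath(path), "permissions": f"{mode:04o}",
                   "groupOrWorldReadable": bool(mode & 0o077)})
    return record

# Constructed samples: blobs assembled from made-up numbers, not real keys.
_RSA_BLOB = _ssh_string(b"ssh-rsa") + _ssh_mpint(65537) + _ssh_mpint((1 << 2047) | 1)
_ED_BLOB = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
SAMPLE_RSA_LINE = ('from="10.0.0.0/8,192.168.1.1",no-port-forwarding,'
                   'command="/usr/bin/rsync --server" ssh-rsa '
                   + base64.b64encode(_RSA_BLOB).decode() + " deploy@ci")
SAMPLE_ED25519_LINE = ("ssh-ed25519 " + base64.b64encode(_ED_BLOB).decode()
                       + " john.doe@laptop")

def demo_inventory(mode: int = 0o644) -> dict:
    """Write the ed25519 sample to a temp file with `mode`, then inventory it."""
    with tempfile.NamedTemporaryFile("w", suffix=".pub", delete=False) as fh:
        fh.write(SAMPLE_ED25519_LINE + "\n")
    os.chmod(fh.name, mode)
    try:
        return inventory_file(fh.name)
    finally:
        os.unlink(fh.name)

if __name__ == "__main__":
    print(parse_public_key_line(SAMPLE_RSA_LINE))
    print(demo_inventory())  # groupOrWorldReadable: True for a 0644 file
```

Two points worth keeping in mind when mapping this onto the list above: the single-line OpenSSH format is not RFC 4716 (that RFC defines the multi-line `---- BEGIN SSH2 PUBLIC KEY ----` container), so an inventory should record which of the two it actually found; and the `restrictions` dict is where the "association / key configuration option" attributes (`from=`, `command=`, `no-port-forwarding`) end up, which is what lets a reviewer tell an interactive key from a locked-down machine-to-machine one.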