id: ssh-private-key
info:
name: SSH Private Key Detect
author: pd-team
severity: high
file:
- extensions:
- all
denylist:
- pub
no-recursive: true
max-size: 1024 # read very small chunks
matchers:
- type: word
words:
- "BEGIN OPENSSH PRIVATE KEY"
- "BEGIN PRIVATE KEY"
- "BEGIN RSA PRIVATE KEY"
- "BEGIN DSA PRIVATE KEY"
- "BEGIN EC PRIVATE KEY"
- "BEGIN PGP PRIVATE KEY BLOCK"
- "ssh-rsa"