diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/manifests/.no_puppet b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb
new file mode 100644
index 000000000..e744f8950
--- /dev/null
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_local/local.rb
@@ -0,0 +1,93 @@
+#!/usr/bin/ruby
+require_relative '../../../../../../lib/objects/local_string_encoder.rb'
+require 'json'
+require 'open3'
+require 'fileutils'
+require 'openssl'
+
+class SimpleSSHDecrypt < StringEncoder
+ attr_accessor :ssh_key_pair
+ attr_accessor :tmp_path
+ attr_accessor :subdirectory
+
+ def initialize
+ super
+ self.module_name = 'Simple SSH Decryption Challenge'
+ self.subdirectory = ''
+ self.ssh_key_pair = {}
+ self.tmp_path = File.expand_path(File.dirname(__FILE__)).split("/")[0...-1].join('/') + '/tmp/'
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ self.tmp_path += Time.new.strftime("%Y%m%d_%H%M%S")
+ Dir.mkdir self.tmp_path unless Dir.exists? self.tmp_path
+ end
+
+ def encode_all
+ begin
+ public_ascii = self.ssh_key_pair['public']
+ private_ascii = self.ssh_key_pair['private']
+
+
+ # save strings_to_encode to a file
+ File.open("#{self.tmp_path}/ciphertext", "w+") do |file|
+ self.strings_to_encode.each do |line|
+ file.write(line + "\n")
+ end
+ file.close
+ end
+
+ # Save ascii pubkey to file
+ File.open("#{self.tmp_path}/pub_key", "w+") do |file|
+ file.write(public_ascii)
+ end
+
+ # Convert public key to PEM so OpenSSL can consume it
+ #
+ stdout, stderr, status = Open3.capture3("ssh-keygen -f #{self.tmp_path}/pub_key -e -m pem > #{self.tmp_path}/pub_key.pem")
+
+
+
+ public_key = OpenSSL::PKey::RSA.new(File.read("#{self.tmp_path}/pub_key.pem"))
+ encrypted_string = Base64.encode64(public_key.public_encrypt(self.strings_to_encode.join("\n")))
+
+
+ # # generate a binary key file from our ascii input and save it in ../tmp/binary_pub.key.
+ # _, _, _ = Open3.capture3("gpg --dearmor #{self.tmp_path}/pub_key")
+ #
+ # # Use the binary key to encode some cipher text
+ # _, _, _ = Open3.capture3("gpg --no-default-keyring --keyring #{self.tmp_path}/pub_key.gpg --trust-model always -ear secgen@localhost #{self.tmp_path}/ciphertext")
+
+ # Read the ciphertext.asc file in and feed it into the outputs
+ ciphertext = File.read("#{self.tmp_path}/ciphertext.asc")
+
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(ciphertext), :filename => 'cipher', :ext => 'txt', :subdirectory => self.subdirectory}}.to_json
+ self.outputs << {:secgen_leaked_data => {:data => Base64.strict_encode64(private_ascii), :filename => 'private', :ext => 'key', :subdirectory => self.subdirectory}}.to_json
+ ensure
+ # Delete the local key files to avoid batch clashes
+ # FileUtils.rm_r self.tmp_path
+ end
+ end
+
+ def process_options(opt, arg)
+ super
+ case opt
+ when '--subdirectory'
+ self.subdirectory << arg;
+ when '--ssh_key_pair'
+ self.ssh_key_pair = JSON.parse(arg);
+ end
+ end
+
+ def get_options_array
+ super + [['--subdirectory', GetoptLong::REQUIRED_ARGUMENT],
+ ['--ssh_key_pair', GetoptLong::REQUIRED_ARGUMENT]]
+ end
+
+
+ def encoding_print_string
+ 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+ 'subdirectory: ' + self.subdirectory.to_s + print_string_padding +
+ 'ssh_key_pair: ' + self.ssh_key_pair.to_json
+ end
+end
+
+SimpleSSHDecrypt.new.run
\ No newline at end of file
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml
new file mode 100644
index 000000000..1cb7ca690
--- /dev/null
+++ b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/secgen_metadata.xml
@@ -0,0 +1,40 @@
+
+
+
+ Simple SSH Decryption Challenge
+ Thomas Shaw
+ MIT
+ Returns a private key and some encrypted ciphertext.
+
+ asymmetric
+ challenge_generator
+ crypto_challenge_generator
+ local_calculation
+ linux
+ windows
+
+ low
+
+ strings_to_encode
+ ssh_key_pair
+ subdirectory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ array
+
\ No newline at end of file
diff --git a/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/simple_ssh.pp b/modules/encoders/cipher/asymmetric_decrypt/simple_ssh/simple_ssh.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/generators/key/ssh_key_pair/secgen_metadata.xml b/modules/generators/key/ssh_key_pair/secgen_metadata.xml
index 291008e36..d5a429e18 100644
--- a/modules/generators/key/ssh_key_pair/secgen_metadata.xml
+++ b/modules/generators/key/ssh_key_pair/secgen_metadata.xml
@@ -9,6 +9,7 @@
Generates a pair of RSA 2048 ssh keys.
ssh_key_generator
+ ssh_key_pair
linux
ssh_key_pair