SSH server auditing
ssh-audit is a tool for ssh server auditing.
Features:
* SSH1 and SSH2 protocol server support;
* grab banner, recognize device or software and operating system, detect compression;
* gather key-exchange, host-key, encryption and message authentication code algorithms;
* output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
* output algorithm recommendations (append or remove based on recognized software version);
* output security information (related issues, assigned CVE list, etc);
* analyze SSH version compatibility based on algorithm information;
* historical information from OpenSSH, Dropbear SSH and libssh;
* no dependencies, compatible with Python 2.6+, Python 3.x and PyPy;
- Links to security / ssh-audit
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:mnhauke/ssh-audit && cd $_
- Create Badge
Source Files
Filename | Size | Changed |
---|---|---|
_link | 0000000247 247 Bytes | |
project.diff | 0000001805 1.76 KB | |
ssh-audit-2.9.0.tar.gz | 0000144686 141 KB | |
ssh-audit-2.9.0.tar.gz.sig | 0000000566 566 Bytes |
Revision 13 (latest revision is 19)
- Update to version 2.9.0 * Dropped support for Python 3.6 * Updated CVE database. * Added -g and --gex-test for granular GEX modulus size tests. * JSON 'target' field now always includes port number. * JSON output now includes recommendations and CVE data. * Mixed host key/CA key types (i.e.: RSA host keys signed with ED25519 CAs, etc.) are now properly handled. * Warnings are now printed for 2048-bit moduli. * SHA-1 algorithms now cause failures. * CBC mode ciphers are now warnings instead of failures. * Generic failure/warning messages replaced with more specific reasons (i.e.:'using weak cipher' => 'using broken RC4 cipher') * Updated built-in policies to include missing host key size information. * Added built-in policies for OpenSSH 8.8, 8.9, 9.0, 9.1, 9.2, and 9.3. * Added 33 new host keys. * Added 46 new key exchanges. * Added 28 new ciphers. * Added 5 new MACs.
Comments 0