- Update to version 3.3.0
* Added Python 3.13 support.
* Added built-in policies for Ubuntu 24.04 LTS server & client,
OpenSSH 9.8, and OpenSSH 9.9.
* Added IPv6 support for DHEat and connection rate tests.
* Added TCP port information to JSON policy scan results.
* Added LANcom LCOS server recognition and Ed448 key extraction
* Now reports ECDSA and DSS fingerprints when in verbose mode.
* Removed CVE information based on server/client version numbers,
as this was wildly inaccurate (see this thread for the full
discussion, as well as the results of the community vote on
this matter).
* Fixed crash when running with -P and -T options simultaneously.
* Fixed host key tests from only reporting a key type at most
once despite multiple hosts supporting it.
* Fixed invalid JSON output when a socket error occurs while
performing a client audit.
* When scanning multiple targets (using -T/--targets),
the -p/--port option will now be used as the default port
(set to 22 if -p/--port is not given). Hosts specified in the
file can override this default with an explicit port number
(i.e.: "host1:1234"). For example, when using -T targets.txt
-p 222, all hosts in targets.txt that do not explicitly include
a port number will default to 222; when using -T targets.txt
(without -p), all hosts will use a default of 22.
* Updated built-in server & client policies for
Amazon Linux 2023, Debian 12, Rocky Linux 9, and Ubuntu 22.04
to improve host key efficiency and cipher resistance to quantum
attacks.
* Added 1 new cipher: grasshopper-ctr128.