ssh-audit – SSH Server Auditing

  • 425
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    425
    Shares

ssh-audit is a tool for ssh server auditing.

Features:

  • SSH1 and SSH2 protocol server support;
  • grab banner, recognize device or software and operating system, detect compression;
  • gather key-exchange, host-key, encryption and message authentication code algorithms;
  • output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
  • output algorithm recommendations (append or remove based on recognized software version);
  • output security information (related issues, assigned CVE list, etc);
  • analyze SSH version compatibility based on algorithm information;
  • historical information from OpenSSH, Dropbear SSH and libssh;
  • no dependencies, compatible with Python 2.6+, Python 3.x and PyPy;

 

Usage:

 

usage: ssh-audit.py [-bnv] [-l ] <host[:port]>

-1, --ssh1 force ssh version 1 only
-2, --ssh2 force ssh version 2 only
-b, --batch batch output
-n, --no-colors disable colors
-v, --verbose verbose output
-l, --level= minimum output level (info|warn|fail)

 
– batch flag -b will output sections without header and without empty lines (implies verbose flag).
– verbose flag -v will prefix each line with section type and algorithm name.

Download now: ssh-audit

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply