ssh-audit/README.md

# ssh-audit
**ssh-audit** is a tool for ssh server auditing.  

## Features
- grab banner, detect ssh1 protocol and zlib compression;
- gather key-exchange, host-key, encryption and message authentication code algorithms;
- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
- analyze SSH version compatibility based on algorithm information;
- historical information from OpenSSH and Dropbear SSH;
- no dependencies, compatible with python2 and python3;

## Usage
```
usage: ssh-audit.py [-nv] host[:port]

   -v  verbose
   -n  disable colors
```
Verbose flag will fill each row, i.e, not leave blanks, for easier usage with _batch_ scripts or with manual grepping.

### example
![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png)  

## ChangeLog
### v1.0.20160812
 - implement SSH version compatibility feature
 - fix wrong mac algorithm warning
 - fix Dropbear SSH version typo
 - parse pre-banner header
 - better errors handling

### v1.0.20160803
 - use OpenSSH 7.3 banner
 - add new key-exchange algorithms

### v1.0.20160207
 - use OpenSSH 7.2 banner
 - additional warnings for OpenSSH 7.2 
 - fix OpenSSH 7.0 failure messages
 - add rijndael-cbc failure message from OpenSSH 6.7

### v1.0.20160105
 - multiple additional warnings
 - support for none algorithm
 - better compression handling  
 - ensure reading enough data (fixes few Linux SSH)  

### v1.0.20151230
 - Dropbear SSH support  

### v1.0.20151223
 - initial version
Init project. 2015-12-23 03:56:13 +01:00			`# ssh-audit`
Initial readme. 2015-12-23 04:52:21 +01:00			`ssh-audit is a tool for ssh server auditing.`

			`## Features`
			`- grab banner, detect ssh1 protocol and zlib compression;`
			`- gather key-exchange, host-key, encryption and message authentication code algorithms;`
			`- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);`
Clarify SSH version compatibility feature. 2016-08-12 15:33:34 +02:00			`- analyze SSH version compatibility based on algorithm information;`
new release 2015-12-30 12:17:58 +01:00			`- historical information from OpenSSH and Dropbear SSH;`
dependency-free 2015-12-30 16:01:11 +01:00			`- no dependencies, compatible with python2 and python3;`
Initial readme. 2015-12-23 04:52:21 +01:00
			`## Usage`
			```
			`usage: ssh-audit.py [-nv] host[:port]`

			`-v verbose`
			`-n disable colors`
			```
			`Verbose flag will fill each row, i.e, not leave blanks, for easier usage with _batch_ scripts or with manual grepping.`

			`### example`
Release v1.0.20160812. 2016-08-12 15:29:51 +02:00			`![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png)`
Initial readme. 2015-12-23 04:52:21 +01:00
			`## ChangeLog`
Release v1.0.20160812. 2016-08-12 15:29:51 +02:00			`### v1.0.20160812`
Clarify SSH version compatibility feature. 2016-08-12 15:33:34 +02:00			`- implement SSH version compatibility feature`
Release v1.0.20160812. 2016-08-12 15:29:51 +02:00			`- fix wrong mac algorithm warning`
			`- fix Dropbear SSH version typo`
			`- parse pre-banner header`
			`- better errors handling`

Add new key-exchange algorithms. Use OpenSSH 7.3 banner. 2016-08-03 16:32:46 +02:00			`### v1.0.20160803`
			`- use OpenSSH 7.3 banner`
			`- add new key-exchange algorithms`

Update ChangeLog. 2016-03-07 12:01:57 +01:00			`### v1.0.20160207`
			`- use OpenSSH 7.2 banner`
			`- additional warnings for OpenSSH 7.2`
			`- fix OpenSSH 7.0 failure messages`
			`- add rijndael-cbc failure message from OpenSSH 6.7`

Document changes. 2016-01-05 13:14:50 +01:00			`### v1.0.20160105`
Document changes. 2016-01-05 17:04:49 +01:00			`- multiple additional warnings`
			`- support for none algorithm`
Document changes. 2016-01-05 13:14:50 +01:00			`- better compression handling`
			`- ensure reading enough data (fixes few Linux SSH)`

new release 2015-12-30 12:17:58 +01:00			`### v1.0.20151230`
			`- Dropbear SSH support`

Initial readme. 2015-12-23 04:52:21 +01:00			`### v1.0.20151223`
			`- initial version`