From 3220043aafd040df8f252a922a0dd317d9d8e40e Mon Sep 17 00:00:00 2001 From: Joe Testa Date: Thu, 10 Oct 2024 16:10:52 -0400 Subject: [PATCH] Added note regarding hardening instructions. --- src/ssh_audit/ssh_audit.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ssh_audit/ssh_audit.py b/src/ssh_audit/ssh_audit.py index 012a4d8..96a59d6 100755 --- a/src/ssh_audit/ssh_audit.py +++ b/src/ssh_audit/ssh_audit.py @@ -784,6 +784,7 @@ def list_policies(out: OutputBuffer, verbose: bool) -> None: out.info("\nHint: Use -P and provide the full name of a policy to run a policy scan with.\n") out.info("Hint: Use -L -v to also see the change log for each policy.\n") out.info("Note: the general OpenSSH policies apply to the official releases only. OS distributions may back-port changes that cause failures (for example, Debian 11 back-ported the strict KEX mode into their package of OpenSSH v8.4, whereas it was only officially added to OpenSSH v9.6 and later). In these cases, consider creating a custom policy (-M option).\n") + out.info("Note: instructions for hardening targets, which correspond to the above policies, can be found at: \n") out.write()