elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-07-02 12:14:45 +02:00
Code Issues Packages Projects Releases Wiki Activity
522 Commits 1 Branch 15 Tags 3 MiB
cc9e4fbc4a
Commit Graph

29 Commits

Author SHA1 Message Date
Joe Testa
cc9e4fbc4a Generic failure/warning messages replaced with more specific reasons. SHA-1 algorithms now cause failures. CBC mode ciphers are now warnings instead of failures. 2023-03-23 21:36:02 -04:00
Joe Testa
413dea60ae Fixed docker tests affected by previous commit. 2023-03-21 14:58:00 -04:00
Joe Testa
71feaa191e Add note regarding OpenSSH's 2048-bit GEX fallback, and suppress the related recommendation since the user cannot control it (partly related to #168). 2023-03-21 11:44:45 -04:00
Joe Testa
c9dc9a9c10 Now issues a warning when 2048-bit moduli are encountered. 2023-02-06 16:27:30 -05:00
Joe Testa
c6b8dc97e1 Fixed tests. 2022-02-21 21:48:10 -05:00
tomatohater1337
1f0b3acff2
Complete "target" in the JSON output with the port (#123) 
* Complete "target" in JSON output with the port

The JSON output was not showing the port of the target which was scanned. This could be problematic when scanning a host with more than one ssh service running.

* Docker tests completet with the port of the scan target in the JSON output
 2021-10-13 23:44:55 -04:00
Joe Testa
07862489c4 Added MD5 fingerprint hashes to verbose output. 2021-05-20 18:03:24 -04:00
Joe Testa
1bbc3feb57 Added OpenSSH 8.5 built-in policy. Added sntrup761x25519-sha512@openssh.com kex. 2021-02-23 16:02:20 -05:00
Joe Testa
e0f0956edc Added extra warnings for SSHv1. (#6) 2021-02-02 12:20:37 -05:00
Joe Testa
c49a0fb22f Upgraded SHA-1 key signatures from warnings to failures. Added deprecation warning to ssh-rsa-cert-v00@openssh.com, ssh-rsa-cert-v01@openssh.com, x509v3-sign-rsa, and x509v3-ssh-rsa host key types. 2021-02-01 19:19:46 -05:00
Joe Testa
13d15baa2a Added multi-threaded scanning support. 2021-02-01 13:10:06 -05:00
Joe Testa
0d9881966c Added version check for OpenSSH user enumeration (CVE-2018-15473). (#83) 2020-11-05 20:24:09 -05:00
Joe Testa
175bd2cf66 Fixed recommendation output function from suppressing some algorithms inappropriately. 2020-10-20 21:34:34 -04:00
Joe Testa
ec48249deb Now reports policy errors in an easier to read format. (#63) 2020-10-20 16:25:39 -04:00
Joe Testa
046c866da4 Moved built-in policies from external files to internal database. (#75) 2020-10-19 17:27:37 -04:00
Joe Testa
632adc076a Policy check output now prints port number, if applicable. 2020-09-27 11:48:15 -04:00
Joe Testa
936acfa37d Added more structure to JSON result when policy errors are found. 2020-07-29 12:36:08 -04:00
Joe Testa
68a420ff00 Added policy support for optional host key types, like certificates and smart card-based types. 2020-07-15 14:32:14 -04:00
Joe Testa
b95969bbc0 Policy output now more clearly prints the policy version. 2020-07-14 17:38:15 -04:00
Joe Testa
d5ef967758 Upgraded 1024-bit modulus warning to failure. 2020-06-30 22:51:13 -04:00
Joe Testa
dd44e2f010 Added policy checks (#10). 2020-06-30 15:53:50 -04:00
Joe Testa
c9a2f2955c Marked host key type 'ssh-rsa' as weak due to practical SHA-1 collisions. 2020-02-08 23:56:54 -05:00
Joe Testa
0263769243 Added JSON output tests to docker testing suite. 2019-11-08 18:40:32 -05:00
Joe Testa
e62b548677 Updated info on curve25519-sha256 kex. 2019-10-21 11:50:23 -04:00
Joe Testa
fd3a1f7d41 Added client audit functionality. (#3) 2019-09-27 18:14:36 -04:00
Joe Testa
7221413567 Added TinySSH test. 2019-08-27 22:28:24 -04:00
Joe Testa
120f898539 Added Dropbear test. 2019-08-26 14:45:31 -04:00
Joe Testa
4ebccb8068 Added OpenSSH v4.0 test. 2019-08-22 16:48:23 -04:00
Joe Testa
4f138d7f82 Added docker testing framework. 2019-08-22 16:04:46 -04:00