elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2026-06-15 01:02:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
704 Commits 1 Branch 16 Tags
e01bd61df0e5267999b53b2fde0f6576fc790b5a
Commit Graph

704 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Testa e01bd61df0 Added usedforsecurity=False to hashlib.md5() call to suppress security scanner warning. 2026-06-13 10:54:54 -04:00
Joe Testa f2ed8c01ae Added new host key: webauthn-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com (#348) 2026-06-13 10:27:07 -04:00
Joe Testa bbec6dbf23 Bumped copyright year. 2026-06-13 10:23:36 -04:00
Joe Testa 2573235f6a Added support for Python 3.14. Dropped support for Python 3.9. 2026-06-13 09:08:15 -04:00
Joe Testa 4f9a630de4 Added Debian 13 policies and hardening guides. 2025-09-01 18:22:46 -04:00
Joe Testa f821565ff9 Renamed hardeningguides.py. 2025-09-01 17:39:07 -04:00
Joe Testa 062a1f3cb4 Updated changelog message for version 2 of Ubuntu Server 24 policy. 2025-09-01 16:43:59 -04:00
Joe Testa c900874406 Added policy option to allow host key subsets and/or reorderings. 2025-09-01 16:22:40 -04:00
Joe Testa 0382cf9b2d Aside from linking to online hardening guides, mention that built-in guides are also available. 2025-08-30 16:26:57 -04:00
Joe Testa d8d90a3a89 Dropped support for Python 3.8, as it reached its end-of-life in October 2024. 2025-08-24 15:50:58 -04:00
Joe Testa aaa7d24565 Updated GEX fallback detection for OpenSSH 10.0 and later, as version 9.9 was the last to include it. (#310) 2025-08-24 15:41:14 -04:00
Joe Testa d3b1551520 Added OpenSSH 10.0 policy. 2025-08-24 12:52:22 -04:00
Joe Testa 970d747dcb Smoothed out some rough edges from PR #307. 2025-08-17 16:34:32 -04:00
oam7575 1c0d3d5df1 print config v2 Issue #191 (#307) 
* print config v2

 - printconfig script
 - test_printconfig for tox testing
 - update globals for GUIDES_UPDATED date value
 - update ssh_audit for print_config argument and checks

* pr307 update 1

* pr307 update 2

* pr307 - attempt 2

* Update ssh_audit.py

Missed a TAB
 2025-08-17 16:05:14 -04:00
Joe Testa 4845a8fdee Updated README. 2025-08-06 08:40:36 -04:00
Joe Testa 11a902cb14 Removed SSHv1 support (#298). 2025-07-26 19:57:11 -04:00
Joe Testa b456bb31b9 Added note on mlkem768x25519-sha256 that it is the default key exchange since OpenSSH 10.0. 2025-06-16 18:59:36 -04:00
Joe Testa 32085b2fa5 Added two new ciphers: AEAD_CAMELLIA_128_GCM, AEAD_CAMELLIA_256_GCM. 2025-05-18 18:46:40 -04:00
Joe Testa 5ddd8cca5b Added 2 new key exchanges: mlkem768nistp256-sha256, mlkem1024nistp384-sha384. 2025-04-18 18:29:18 -04:00
Joe Testa b90db2c1af Fixed mypy failure. 2025-04-18 17:06:29 -04:00
playoutsideplay 68c827c239 Update LICENSE (#319) 
Updated year
 2025-04-18 16:27:44 -04:00
Joe Testa e318787a5c Batch mode no longer automatically enables verbose mode. 2024-12-05 10:06:58 -05:00
Joe Testa d9c703c777 When running against multiple hosts, now prints each target host regardless of output level. (#309) 2024-12-05 09:41:26 -05:00
Joe Testa 28a1e23986 Added warnings to all key exchanges that do not provide protection against quantum attacks. 2024-11-25 15:56:51 -05:00
Joe Testa a01baadfa8 Additional cleanups after merging #304. 2024-11-22 12:28:02 -05:00
oam7575 45abc3aaf4 Argparse v3 - RC1 (#304) 
* Argparse v3 - RC1

* Argparse v3 - RC1

Argparse v3 RC1 - post feedback

Argparse v3 - RC2
 2024-11-22 12:26:20 -05:00
Joe Testa 99c64787d9 Updated description of -m option. 2024-10-16 16:39:11 -04:00
Joe Testa 3fa62c3ac5 Fixed man page parsing error. (#301) 2024-10-16 16:23:20 -04:00
Joe Testa d7fff591fa Bumped version to v3.4.0-dev. 2024-10-15 18:30:08 -04:00
Joe Testa 84647ecb32 Updated packaging notes. 2024-10-15 18:29:25 -04:00
Joe Testa 772204ce8b Bumped version to v3.3.0. v3.3.0 2024-10-15 13:28:38 -04:00
Joe Testa c0133a8d5f Listing built-in policies will now hide older versions, unless -v is used. 2024-10-11 15:43:09 -04:00
Joe Testa 3220043aaf Added note regarding hardening instructions. 2024-10-10 16:10:52 -04:00
Joe Testa 40ed92bbe6 Run tests against stable version of Python 3.13. 2024-10-10 16:06:18 -04:00
Joe Testa 720150b471 Issue a warning if an out-dated policy is used. 2024-10-10 15:57:29 -04:00
Joe Testa d0628f6eb4 Updated ext-info-c and ext-info-s key exchanges to include versions of OpenSSH they were first included in. (#291) 2024-10-07 17:41:39 -04:00
Joe Testa 1e060a94c0 Updated built-in server and client policies for Amazon Linux 2023. 2024-10-01 18:15:02 -04:00
Joe Testa 8563c2925b Updated built-in client policy for Debian 12. 2024-10-01 17:48:49 -04:00
Joe Testa 556306be5e Updated built-in client policy for Rocky Linux 9. 2024-10-01 17:39:42 -04:00
Joe Testa 7ab6d20454 Updated built-in client policy for Ubuntu 22.04. 2024-10-01 17:32:49 -04:00
Joe Testa 1f1a51d591 Updated Ubuntu 22.04 built-in policy. 2024-10-01 17:06:03 -04:00
Joe Testa 77a63de133 Updated Rocky Linux 9 built-in policy. 2024-10-01 16:21:23 -04:00
Joe Testa cffa126277 Updated Debian 12 built-in policy. (#283) 2024-10-01 15:01:44 -04:00
Joe Testa dc615cef7f Fixed DH rate testing on Windows. (#261) 2024-09-28 18:39:55 -04:00
Joe Testa cb6142c609 Ignore mypy errors on colorama import. 2024-09-28 17:43:32 -04:00
Joe Testa 629008e55e Updated test commands. 2024-09-26 18:34:40 -04:00
Joe Testa 016a5d89f7 Updated Github Actions workflow to use Tox through pip instead of the platform version. 2024-09-26 18:31:21 -04:00
Joe Testa 93b30b4258 Removed version-based CVE information. (#240) 2024-09-26 13:15:58 -04:00
Joe Testa 3b8a75e407 Server kex/host key parsing failures no longer output a stack trace unless in debug mode. 2024-09-25 17:34:18 -04:00
Joe Testa 67e11f82b3 Updated --targets description. 2024-09-25 17:12:16 -04:00