mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-11-16 13:35:39 +01:00
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
d834074378
Add OpenSSH 7.2 warning messages. Fix OpenSSH 7.0 failure messages. Add forgotten failure on rijndael-cbc. Bump version. |
||
---|---|---|
.gitignore | ||
README.md | ||
ssh-audit.py |
ssh-audit
ssh-audit is a tool for ssh server auditing.
Features
- grab banner, detect ssh1 protocol and zlib compression;
- gather key-exchange, host-key, encryption and message authentication code algorithms;
- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
- historical information from OpenSSH and Dropbear SSH;
- no dependencies, compatible with python2 and python3;
Usage
usage: ssh-audit.py [-nv] host[:port]
-v verbose
-n disable colors
Verbose flag will fill each row, i.e, not leave blanks, for easier usage with batch scripts or with manual grepping.
example
ChangeLog
v1.0.20160105
- multiple additional warnings
- support for none algorithm
- better compression handling
- ensure reading enough data (fixes few Linux SSH)
v1.0.20151230
- Dropbear SSH support
v1.0.20151223
- initial version