blob: d5b9d26f216782ae48d2630e421afed70d04cd32 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
ssh-audit is a tool for ssh server & client configuration auditing.
Features:
* SSH1 and SSH2 protocol server support;
* analyze SSH client configuration;
* grab banner, recognize device or software and operating system,
detect compression;
* gather key-exchange, host-key, encryption and
message authentication code algorithms;
* output algorithm information
(available since, removed/disabled, unsafe/weak/legacy, etc);
* output algorithm recommendations
(append or remove based on recognized software version);
* output security information (related issues, assigned CVE list, etc);
* analyze SSH version compatibility based on algorithm information;
* historical information from OpenSSH, Dropbear SSH and libssh;
* no dependencies, compatible with Python 2.6+, Python 3.x and PyPy.
|
