blob: 98423428b503d81367e7f05d4c36bf6e78ca235a (
plain) (
tree)
|
|
ssh-audit is a tool for ssh server & client configuration auditing.
Features:
* SSH1 and SSH2 protocol server support;
* analyze SSH client configuration;
* grab banner, recognize device or software and operating system,
detect compression;
* gather key-exchange, host-key, encryption and
message authentication code algorithms;
* output algorithm information
(available since, removed/disabled, unsafe/weak/legacy, etc);
* output algorithm recommendations
(append or remove based on recognized software version);
* output security information (related issues, assigned CVE list, etc);
* analyze SSH version compatibility based on algorithm information;
* historical information from OpenSSH, Dropbear SSH and libssh;
* no dependencies, compatible with Python 2.6+, Python 3.x and PyPy.
WWW: https://github.com/jtesta/ssh-audit
|