Tools compared: SSH security scanners
Finding the right tool can be difficult. This sheet compares ScanSSH, ssh-audit and ssh_scan.
ScanSSH is a security tool to perform scans on SSH to detect open proxies and available services. It retrieves version information and related details.
The ssh-audit tool helps to perform a security assessment of SSH servers and their configuration. It can be used for security testing and penetration tests.
The ssh_scan utility is a SSH configuration and policy scanner maintained by the Mozilla Foundation. It helps to secure Linux systems running the OpenSSH.
This tool is light on its dependencies, as it only uses Ruby and BinData. The scanner is simple to use, as it is limited in the number of parameters and options. There is also the ability to show the results on the screen or export the data to a JSON file. The latter is great if you want to do further processing of the details, or simply store them for later comparison.
|Strenghts||Project is mature (10+ years), The source code of this software is available||More than 1000 GitHub stars, The source code of this software is available||More than 10 contributors, The source code of this software is available, Supported by a large company|
|Tool page (last updated)|
|More information||ScanSSH review||ssh-audit review||ssh_scan review|