ssh-audit
Tool and Usage
Project details
- License
- MIT
- Programming language
- Python
- Author
- Andris Raugulis
- Latest release
- 1.7.0
- Latest release date
Project health
Why this tool?
The ssh-audit tool is of great help when scanning SSH servers to discover possible improvements. It is written in Python and with a simple 'git clone' it can already be started. You typically would use a tool like this to improve your own SSH configurations or as part of a security assignment.
How it works
The tool has a range of functions to test the SSH instance it is scanning. It looks at banner texts and protocol specifics to determine what kind of system and SSH server it is dealing with it. By comparing responses with known issues, it can even discover particular vulnerabilities.
Usage and audience
ssh-audit is commonly used for application security, penetration testing, or security assessment. Target users for this tool are pentesters, security professionals, and system administrators.
Features
- Colored output
- Command line interface
- Multiple levels of details in output
Example usage and output
(gen) banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
(gen) software: OpenSSH 7.2p2
(gen) compatibility: OpenSSH 7.2+, Dropbear SSH 2013.62+
(gen) compression: enabled (zlib@openssh.com)
# key exchange algorithms
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
`- [info] available since OpenSSH 4.4
(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
`- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
# host-key algorithms
(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
`- [warn] using weak random number generator could reveal the key
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- + The source code is easy to read and understand
- + Tool is easy to use
- + More than 2000 GitHub stars
- + Very low number of dependencies
- + The source code of this software is available
Installation
Supported operating systems
Ssh-audit is known to work on Linux.
ssh-audit alternatives
Similar tools to ssh-audit:
SSHsec
SSHsec scans a system running the SSH protocol and retrieves its configuration, host keys, and Diffie-Hellman groups.
ssh_scan
The ssh_scan utility is a SSH configuration and policy scanner maintained by the Mozilla Foundation. It helps to secure Linux systems running the OpenSSH.
Lynis
Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
Compare ssh-audit with other tools
Categories
This tool is categorized as a SSH configuration scanner.