ssh-audit


Tool and Usage

Project details
License: MIT
Programming language: Python
Author: Andris Raugulis
Latest release: 1.7.0

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

The ssh-audit tool is of great help when scanning SSH servers to discover possible improvements. It is written in Python, and a simple 'git clone' is enough to get it running. You would typically use a tool like this to improve your own SSH configurations or as part of a security assignment.

How it works

The tool has a range of functions to test the SSH instance it is scanning. It looks at banner texts and protocol specifics to determine what kind of system and SSH server it is dealing with. By comparing responses with known issues, it can even discover particular vulnerabilities.

Usage and audience

ssh-audit is commonly used for application security, penetration testing, or security assessment. Target users for this tool are pentesters, security professionals, and system administrators.

Features

  • Colored output
  • Command line interface
  • Multiple levels of details in output

Example usage and output

# general
(gen) banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
(gen) software: OpenSSH 7.2p2
(gen) compatibility: OpenSSH 7.2+, Dropbear SSH 2013.62+
(gen) compression: enabled (zlib@openssh.com)

# key exchange algorithms
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
`- [info] available since OpenSSH 4.4
(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
`- [info] available since OpenSSH 3.9, Dropbear SSH 0.53

# host-key algorithms
(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
`- [warn] using weak random number generator could reveal the key
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
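
An added example (not part of ssh-audit or of the original page): a small Python parser for the text output format shown above. It collects the [fail] and [warn] notes per algorithm so the result can gate a configuration check. The function names are hypothetical, and the sample is constructed from a few lines of the output above.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the example output above.
SAMPLE = """\
# key exchange algorithms
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
`- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
`- [warn] using weak random number generator could reveal the key
(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
"""

# "(section) algorithm -- [level] message" starts a finding;
# "`- [level] message" adds another note to the finding above it.
HEAD = re.compile(r"^\((\w+)\)\s+(\S+)\s+--\s+\[(\w+)\]\s+(.*)$")
CONT = re.compile(r"^\s*`-\s+\[(\w+)\]\s+(.*)$")

def parse_findings(text):
    """Return {(section, algorithm): [(level, message), ...]}."""
    findings = defaultdict(list)
    current = None
    for line in text.splitlines():
        head = HEAD.match(line)
        if head:
            section, algo, level, msg = head.groups()
            current = (section, algo)
            findings[current].append((level, msg))
            continue
        cont = CONT.match(line)
        if cont and current is not None:
            findings[current].append(cont.groups())
        elif not cont:
            current = None  # header, blank or (gen) line ends the finding
    return dict(findings)

def algorithms_at(findings, level):
    """Sorted (section, algorithm) pairs carrying at least one note at `level`."""
    return sorted(k for k, notes in findings.items()
                  if any(lvl == level for lvl, _ in notes))

if __name__ == "__main__":
    failed = algorithms_at(parse_findings(SAMPLE), "fail")
    for section, algo in failed:
        print(f"[fail] ({section}) {algo}")
    raise SystemExit(1 if failed else 0)  # non-zero exit fails a pipeline step
```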

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code is easy to read and understand
  • + Tool is easy to use
  • + More than 2000 GitHub stars
  • + Very low number of dependencies
  • + The source code of this software is available

Author and Maintainers

Ssh-audit is under development by Andris Raugulis.

Installation

Supported operating systems

Ssh-audit is known to work on Linux.

ssh-audit alternatives

Similar tools to ssh-audit:

60

SSHsec

SSHsec scans a system running the SSH protocol and retrieves its configuration, host keys, and Diffie-Hellman groups.

84

ssh_scan

The ssh_scan utility is an SSH configuration and policy scanner maintained by the Mozilla Foundation. It helps to secure Linux systems running OpenSSH.

100

Lynis

Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.


Related tool information


Categories

This tool is categorized as an SSH configuration scanner.