SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
This release features a new --dheat
option to test targets for the DHEat denial-of-service attack (see CVE-2002-20001). Also included are changes to custom policies that allow targets to surpass the specified security level; this allows for the creation of baseline policies (partial credit yannik1015 and Damian Szuberski).
This version is also available as a PyPI package (pip3 install ssh-audit
), Docker image (docker pull positronsecurity/ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (see below, though be aware that sometimes Windows Defender inappropriately detects it as malware!).
--dheat
option; CVE-2002-20001).ecdsa-sha2-nistp*
CA signatures on host keys. Additionally, they are now flagged as potentially back-doored, just as standard host keys are.-m
, --manual
) is now available on Docker, PyPI, and Snap builds, in addition to the Windows build.python:3-slim
to python:3-alpine
, resulting in a 59% reduction in image size; credit Daniel Thamdrup.-L -v
to view them).allow_algorithm_subset_and_reordering
directive to allow targets to pass with a subset and/or re-ordered list of host keys, kex, ciphers, and MACs. This allows for the creation of a baseline policy where targets can optionally implement stricter controls; partial credit yannik1015.allow_larger_keys
directive to allow targets to pass with larger host keys, CA keys, and Diffie-Hellman keys. This allows for the creation of a baseline policy where targets can optionally implement stricter controls; partial credit Damian Szuberski.NO_COLOR
environment variable is set (see https://no-color.org/).gss-nistp384-sha384-*
.[email protected]
.This release features tests for the Terrapin message prefix truncation vulnerability in the SSH protocol (CVE-2023-48795), along with other minor enhancements and fixes.
This version is also available as a PyPI package (pip3 install ssh-audit
), Docker image (docker pull positronsecurity/ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (see below, though be aware that sometimes Windows Defender inappropriately detects it as malware!).
The full change log is:
[email protected]
and ssh-ed25519
to the end of all certificate types.additional_notes
field to the JSON output.This release includes important fixes for multiple-host scans, improved Diffie-Hellman group exchange auditing, and the inclusion of algorithm notes into the JSON output (note that this changes the schema of the banner protocol, "enc", and "mac" fields). Support for 49 new algorithms were also added!
This version is also available as a PyPI package (pip3 install ssh-audit
), Docker image (docker pull positronsecurity/ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (see below, though be aware that sometimes Windows Defender inappropriately detects it as malware!).
The full change log is:
ecdsa-sha2-curve25519
, ecdsa-sha2-nistb233
, ecdsa-sha2-nistb409
, ecdsa-sha2-nistk163
, ecdsa-sha2-nistk233
, ecdsa-sha2-nistk283
, ecdsa-sha2-nistk409
, ecdsa-sha2-nistp224
, ecdsa-sha2-nistp192
, ecdsa-sha2-nistt571
, ssh-dsa
, x509v3-sign-rsa-sha256
.[email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, kexAlgoDH14SHA1
, kexAlgoDH1SHA1
, kexAlgoECDH256
, kexAlgoECDH384
, kexAlgoECDH521
, sm2kep-sha2-nistp256
, [email protected]
, [email protected]
.[email protected]
, cast128-12-cbc
, cast128-12-cfb
, cast128-12-ecb
, cast128-12-ofb
, des-cfb
, des-ecb
, des-ofb
.cbcmac-3des
, cbcmac-aes
, cbcmac-blowfish
, cbcmac-des
, cbcmac-rijndael
, cbcmac-twofish
, hmac-sha256-96
, md5
, md5-8
, ripemd160
, ripemd160-8
, sha1
, sha1-8
, umac-128
.This release includes many new features, including granular GEX modulus tests (credit Adam Russell), support for mixed host key/CA key certificates (i.e.: RSA host keys signed by ED25519 CAs), warnings for 2048-bit moduli, and more descriptive algorithm notes. Support for 112 new algorithms were also added!
Note that this version is also available as a PyPI package (pip3 install ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (see below, though be aware that sometimes Windows Defender inappropriately detects it as malware!).
The full change log is:
[email protected]
.-g
and --gex-test
for granular GEX modulus size tests; credit Adam Russell.[email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, null
, pgp-sign-dss
, pgp-sign-rsa
, spki-sign-dss
, spki-sign-rsa
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, ssh-rsa-sha2-256
, ssh-rsa-sha2-512
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, x509v3-ecdsa-sha2-1.3.132.0.10
, x509v3-sign-dss-sha1
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, x509v3-sign-rsa-sha1
, [email protected]
, [email protected]
, [email protected]
.[email protected]
, diffie-hellman_group17-sha512
, [email protected]
, [email protected]
, ecdh-sha2-1.2.840.10045.3.1.1
, ecdh-sha2-1.2.840.10045.3.1.7
, ecdh-sha2-1.3.132.0.1
, ecdh-sha2-1.3.132.0.16
, ecdh-sha2-1.3.132.0.26
, ecdh-sha2-1.3.132.0.27
, ecdh-sha2-1.3.132.0.33
, ecdh-sha2-1.3.132.0.34
, ecdh-sha2-1.3.132.0.35
, ecdh-sha2-1.3.132.0.36
, ecdh-sha2-1.3.132.0.37
, ecdh-sha2-1.3.132.0.38
, ecdh-sha2-4MHB+NBt3AlaSRQ7MnB4cg==
, ecdh-sha2-5pPrSUQtIaTjUSt5VZNBjg==
, ecdh-sha2-9UzNcgwTlEnSCECZa7V1mw==
, ecdh-sha2-D3FefCjYoJ/kfXgAyLddYA==
, ecdh-sha2-h/SsxnLCtRBh7I9ATyeB3A==
, ecdh-sha2-m/FtSAmrV4j/Wy6RVUaK7A==
, ecdh-sha2-mNVwCXAoS1HGmHpLvBC94w==
, ecdh-sha2-qCbG5Cn/jjsZ7nBeR7EnOA==
, ecdh-sha2-qcFQaMAMGhTziMT0z+Tuzw==
, ecdh-sha2-VqBg4QRPjxx1EXZdV0GdWQ==
, ecdh-sha2-wiRIU8TKjMZ418sMqlqtvQ==
, ecdh-sha2-zD/b3hu/71952ArpUG4OjQ==
, ecmqv-sha2
, gss-13.3.132.0.10-sha256-*
, gss-curve25519-sha256-*
, gss-curve448-sha512-*
, gss-gex-sha1-*
, gss-gex-sha256-*
, gss-group14-sha1-*
, gss-group14-sha256-*
, gss-group15-sha512-*
, gss-group16-sha512-*
, gss-group17-sha512-*
, gss-group18-sha512-*
, gss-group1-sha1-*
, gss-nistp256-sha256-*
, gss-nistp384-sha256-*
, gss-nistp521-sha512-*
, [email protected]
, [email protected]
.3des-cfb
, 3des-ecb
, 3des-ofb
, blowfish-cfb
, blowfish-ecb
, blowfish-ofb
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, cast128-cfb
, cast128-ecb
, cast128-ofb
, [email protected]
, idea-cfb
, idea-ecb
, idea-ofb
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, twofish-cfb
, twofish-ecb
, twofish-ofb
[email protected]
, [email protected]
, [email protected]
, [email protected]
, hmac-whirlpool
.This release fixes some minor bugs, and adds some minor features.
Please note that this version is also available as a PyPI package (pip3 install ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (below, though be aware that Windows Defender inappropriately detects it as malware!).
The full change log is:
-jj
is used (useful for debugging).-d
/--debug
option for getting debugging output; credit Adam Russell.rsa-sha2-512
and rsa-sha2-256
.gss-gex-sha1-eipGX3TCiQSrx573bT1o1Q==
, gss-group1-sha1-eipGX3TCiQSrx573bT1o1Q==
, and gss-group14-sha1-eipGX3TCiQSrx573bT1o1Q==
.hmac-ripemd160-96
, AEAD_AES_128_GCM
, and AEAD_AES_256_GCM
.This is primarily a bug-fix release.
Please note that this version is also available as a PyPI package (pip3 install ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (below).
The full change log is:
-m
/--manual
); credit Adam Russell.[email protected]
.This release features better public key size parsing, as well as a major code re-organization (see #46 and #47), and other improvements.
Please note that this version is also available as a PyPI package (pip3 install ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (below).
The full change log is:
[email protected]
and [email protected]
host key types.[email protected]
as a failure due to SHA-1 hash.--lookup
) now performs case-insensitive lookups of similar algorithms; credit Adam Russell.[email protected]
.The highlight of this release is support for policy scanning (this allows an admin to test a server against a hardened/standard configuration). See the tutorial link below for a more detailed description.
The full change log is:
-L
/--list-policies
, -M
/--make-policy
and -P
/--policy
). For an in-depth tutorial, see https://www.positronsecurity.com/blog/2020-09-27-ssh-policy-configuration-checks-with-ssh-audit/.ssh-audit.1
file).--lookup
); credit Adam Russell.ssh-rsa1
, [email protected]
, ssh-gost2001
, ssh-gost2012-256
, ssh-gost2012-512
, spki-sign-rsa
, ssh-ed448
, x509v3-ecdsa-sha2-nistp256
, x509v3-ecdsa-sha2-nistp384
, x509v3-ecdsa-sha2-nistp521
, x509v3-rsa2048-sha256
.diffie-hellman-group1-sha256
, kexAlgoCurve25519SHA256
, Curve25519SHA256
, gss-group14-sha256-
, gss-group15-sha512-
, gss-group16-sha512-
, gss-nistp256-sha256-
, gss-curve25519-sha256-
.blowfish
, AEAD_AES_128_GCM
, AEAD_AES_256_GCM
, [email protected]
, [email protected]
.[email protected]
, hmac-sha3-224
, [email protected]
.This release re-classifies the very common ssh-rsa
host key type as weak, due to practical SHA-1 attacks (see link below). Many new algorithms are also implemented.
ssh-rsa
as weak due to practical SHA-1 collisions.ecdsa-sha2-1.3.132.0.10
, x509v3-sign-dss
, x509v3-sign-rsa
, [email protected]
, x509v3-ssh-dss
, x509v3-ssh-rsa
, [email protected]
, [email protected]
, [email protected]
, and [email protected]
.[email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, [email protected]
, ecdh-sha2-curve25519
, ecdh-sha2-nistb233
, ecdh-sha2-nistb409
, ecdh-sha2-nistk163
, ecdh-sha2-nistk233
, ecdh-sha2-nistk283
, ecdh-sha2-nistk409
, ecdh-sha2-nistp192
, ecdh-sha2-nistp224
, ecdh-sha2-nistt571
, gss-gex-sha1-
, and gss-group1-sha1-
.camellia128-cbc
, camellia128-ctr
, camellia192-cbc
, camellia192-ctr
, camellia256-cbc
, camellia256-ctr
, aes128-gcm
, aes256-gcm
, and chacha20-poly1305
.aes128-gcm
and aes256-gcm
.Note that pre-built packages are available for Windows (below), via PyPI (pip3 install ssh-audit
), and via the snap repository (snap install ssh-audit
).
This maintenance release focuses on improving support for client testing. The full changelog is:
[email protected]
, [email protected]
.des
, 3des
.Also included is the first Windows release!