The best way to scan for weak ssh passwords on your network
0fe645f turn off debugging for this sshd 4f9d741 simplify e2e test running 7b91924 allow all tunneling for this test fb1f48d fix sshd command d5db9ac Merge branch 'master' of github.com:ncsa/ssh-auditor dd1c959 Improve tunnel testing and e2e tests d6a3aaa Merge pull request #11 from kayavila/master 6d4a7ef Updating goreleaser config formatting 467b2c8 optimize Dockerfile module downloading 7d5c12d bump go version used for e2e tests 3f2ff54 Convert to a go module 89c319e implement host delete command
eda2a3f build standalone before doing e2e-tests f46ac82 Add automated goreleaser build, fix key test 2617592 add initial support for key based authentication 9a0f1ae add a test case for an account with no password 16b854c problem: Can't discover using a list of ips 2cb844d problem: can't discover a single host 4192134 remove redundant if block bf9d35d Merge pull request #4 from Neo23x0/master 9546ea7 feat: Reset credentials 3a00933 feat: Reset scan interval
6964394 bump version to 0.10 a88c2fe Reduce database locking fd46a19 repalce fpm with goreleaser
Automated with GoReleaser Built with go version go1.10 linux/amd64
Biggest change in 0.9 is the beginning of better interop with other tools. This is starting with support for importing and exporting credentials, listing hosts as json and reporting as json/text/html.
Issue https://github.com/ncsa/ssh-auditor/issues/2 details the credential import feature.
9e0841d Bump version to 0.9 62227ea wrap archive in directory 2cac649 ensure build is static bfcacf6 add goreleaser config 4392706 implement json cred import 01adab1 import cred import tsv 8c75ac1 add html report 0158d76 fix typo f2d6d2e add initial report commands 23970f9 check error when writing output cc6605e json output for duplicate key report 1640304 Start switching to json for command output for better interop 6656064 problem: AddCredential doesn't properly update scan_interval 1477dad implement host list 966dd8a Implement credential list command 6a5a717 Simplify the ssh credential checking code
Automated with GoReleaser Built with go version go1.10 linux/amd64
Many of the internals were refactored to make testing easier. There is now an initial test suite that starts up a bunch of containers running sshd with different configurations in order to test the authentication process.
ssh-auditor now flags hosts that it could authenticate to, but could not run a command or tunnel as the result "auth". This type of result may mean you found a valid credential that can't access anything via ssh, but it may work over another protocol.
Some servers only allow keyboard-interactive authentication, but not password authentication. When attempting to authenticate, support both methods.