Blog InfoSec

October 9 2016

SSH Server Auditing: ssh-audit

grab banner, detect ssh1 protocol and zlib compression;
gather key-exchange, host-key, encryption and message authentication code algorithms;
output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
analyze SSH version compatibility based on algorithm information;
historical information from OpenSSH and Dropbear SSH;
no dependencies, compatible with python2 and python3;

ssh-audit

usage: ssh-audit.py [-nv] host[:port]

   -v  verbose
   -n  disable colors

Verbose flag will fill each row, i.e, not leave blanks, for easier usage with batch scripts or with manual grepping.

|--Although you should be able to work out who I am, I don't really care, as I can work out who you are. So beware of leaving footprints.--|