v2.3.1
This release features better public key size parsing, as well as a major code re-organization (see #46 and #47), and other improvements.
Please note that this version is also available as a PyPI package (pip3 install ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (below).
The full change log is:
- Now parses public key sizes for
rsa-sha2-256-cert-v01@openssh.com
andrsa-sha2-512-cert-v01@openssh.com
host key types. - Flag
ssh-rsa-cert-v01@openssh.com
as a failure due to SHA-1 hash. - Fixed bug in recommendation output which suppressed some algorithms inappropriately.
- Built-in policies now include CA key requirements (if certificates are in use).
- Lookup function (
--lookup
) now performs case-insensitive lookups of similar algorithms; credit Adam Russell. - Migrated pre-made policies from external files to internal database.
- Split single 3,500 line script into many files (by class).
- Added setup.py support; credit Ganden Schaffner.
- Added 1 new cipher:
des-cbc@ssh.com
.