v2.4.0
This is primarily a bug-fix release.
Please note that this version is also available as a PyPI package (pip3 install ssh-audit
), Snap package (snap install ssh-audit
), or as a Windows executable (below).
The full change log is:
- Added multi-threaded scanning support.
- Added built-in Windows manual page (see
-m
/--manual
); credit Adam Russell. - Added version check for OpenSSH user enumeration (CVE-2018-15473).
- Added deprecation note to host key types based on SHA-1.
- Added extra warnings for SSHv1.
- Added built-in hardened OpenSSH v8.5 policy.
- Upgraded warnings to failures for host key types based on SHA-1.
- Fixed crash when receiving unexpected response during host key test.
- Fixed hang against older Cisco devices during host key test & gex test.
- Fixed improper termination while scanning multiple targets when one target returns an error.
- Dropped support for Python 3.5 (which reached EOL in Sept. 2020).
- Added 1 new key exchange:
sntrup761x25519-sha512@openssh.com
.