Skip to content

v2.4.0

Compare
Choose a tag to compare
@jtesta jtesta released this 24 Feb 01:50
· 239 commits to master since this release
v2.4.0

This is primarily a bug-fix release.

Please note that this version is also available as a PyPI package (pip3 install ssh-audit), Snap package (snap install ssh-audit), or as a Windows executable (below).

The full change log is:

  • Added multi-threaded scanning support.
  • Added built-in Windows manual page (see -m/--manual); credit Adam Russell.
  • Added version check for OpenSSH user enumeration (CVE-2018-15473).
  • Added deprecation note to host key types based on SHA-1.
  • Added extra warnings for SSHv1.
  • Added built-in hardened OpenSSH v8.5 policy.
  • Upgraded warnings to failures for host key types based on SHA-1.
  • Fixed crash when receiving unexpected response during host key test.
  • Fixed hang against older Cisco devices during host key test & gex test.
  • Fixed improper termination while scanning multiple targets when one target returns an error.
  • Dropped support for Python 3.5 (which reached EOL in Sept. 2020).
  • Added 1 new key exchange: sntrup761x25519-sha512@openssh.com.