Skip to content

Releases: jtesta/ssh-audit

v2.1.1

26 Nov 17:03
@jtesta jtesta
v2.1.1
This tag was signed with the committer’s verified signature. The key has expired.
jtesta Joe Testa
GPG key ID: 9049C422D2AAFC12
Expired
Learn about vigilant mode.
dc36622
Compare
Choose a tag to compare
v2.1.1

This maintenance release focuses on improving support for client testing. The full changelog is:

  • Added 2 new host key types: rsa-sha2-256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com.
  • Added 2 new ciphers: des, 3des.
  • Added 3 new PuTTY vulnerabilities.
  • During client testing, client IP address is now listed in output.

Also included is the first Windows release!

Assets 7
Loading

v2.1.0

14 Nov 15:32
@jtesta jtesta
v2.1.0
This tag was signed with the committer’s verified signature. The key has expired.
jtesta Joe Testa
GPG key ID: 9049C422D2AAFC12
Expired
Learn about vigilant mode.
3606863
Compare
Choose a tag to compare
v2.1.0

The highlights of this release include client-testing functionality to audit the protocols accepted by client software, a JSON output format, support for new algorithms, and bugfixes. Below is the full changelog:

  • Added client software auditing functionality (see -c / --client-audit option).
  • Added JSON output option (see -j / --json option; credit Andreas Jaggi).
  • Fixed crash while scanning Solaris Sun_SSH.
  • Added 9 new key exchanges: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==, gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==, gss-group14-sha1-, gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==, gss-group14-sha256-toWM5Slw5Ew8Mqkay+al2g==, gss-group15-sha512-toWM5Slw5Ew8Mqkay+al2g==, diffie-hellman-group15-sha256, ecdh-sha2-1.3.132.0.10, curve448-sha512.
  • Added 1 new host key type: ecdsa-sha2-1.3.132.0.10.
  • Added 4 new ciphers: idea-cbc, serpent128-cbc, serpent192-cbc, serpent256-cbc.
  • Added 6 new MACs: hmac-sha2-256-96-etm@openssh.com, hmac-sha2-512-96-etm@openssh.com, hmac-ripemd, hmac-sha256-96@ssh.com, umac-32@openssh.com, umac-96@openssh.com.
Assets 5
Loading

v2.0.0

29 Aug 19:59
@jtesta jtesta
v2.0.0
This tag was signed with the committer’s verified signature. The key has expired.
jtesta Joe Testa
GPG key ID: 9049C422D2AAFC12
Expired
Learn about vigilant mode.
6f60722
Compare
Choose a tag to compare
v2.0.0

This is the first release of ssh-audit in almost three years! It features the following major improvements:

  • Forked from https://github.com/arthepsy/ssh-audit (development was stalled, and developer went MIA).
  • Added RSA host key length test.
  • Added RSA certificate key length test.
  • Added Diffie-Hellman modulus size test.
  • Now outputs host key fingerprints for RSA and ED25519.
  • Added 5 new key exchanges: sntrup4591761x25519-sha512@tinyssh.org, diffie-hellman-group-exchange-sha256@ssh.com, diffie-hellman-group-exchange-sha512@ssh.com, diffie-hellman-group16-sha256, diffie-hellman-group17-sha512.
  • Added 3 new encryption algorithms: des-cbc-ssh1, blowfish-ctr, twofish-ctr.
  • Added 10 new MACs: hmac-sha2-56, hmac-sha2-224, hmac-sha2-384, hmac-sha3-256, hmac-sha3-384, hmac-sha3-512, hmac-sha256, hmac-sha256@ssh.com, hmac-sha512, hmac-512@ssh.com.
  • Added command line argument (-t / --timeout) for connection & reading timeouts.
  • Updated CVEs for libssh & Dropbear.
Assets 5
Loading