ssh-audit/README.md

# ssh-audit
[![build status](https://api.travis-ci.org/arthepsy/ssh-audit.svg)](https://travis-ci.org/arthepsy/ssh-audit)  
**ssh-audit** is a tool for ssh server auditing.  

## Features
- SSH1 and SSH2 protocol server support;
- grab banner, recognize device or software and operating system, detect compression;
- gather key-exchange, host-key, encryption and message authentication code algorithms;
- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
- output security information (related issues, assigned CVE list, etc);
- analyze SSH version compatibility based on algorithm information;
- historical information from OpenSSH and Dropbear SSH;
- no dependencies, compatible with Python2 and Python3;

## Usage
```
usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]>

   -1,  --ssh1             force ssh version 1 only
   -2,  --ssh2             force ssh version 2 only
   -b,  --batch            batch output
   -n,  --no-colors        disable colors
   -v,  --verbose          verbose output
   -l,  --level=<level>    minimum output level (info|warn|fail)
   
```
* batch flag `-b` will output sections without header and without empty lines (implies verbose flag).  
* verbose flag `-v` will prefix each line with section type and algorithm name.  

### example
![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png)  

## ChangeLog

### v1.5.0 (2016-09-20)
 - create security section for related security information
 - match and output assigned CVE list and security issues for Dropbear SSH
 - implement full SSH1 support with fingerprint information
 - automatically fallback to SSH1 on protocol mismatch
 - add new options to force SSH1 or SSH2 (both allowed by default)
 - parse banner information and convert it to specific sofware and OS version
 - do not use padding in batch mode
 - several fixes (Cisco sshd, rare hangs, error handling, etc)

### v1.0.20160902
 - implement batch output option
 - implement minimum output level option
 - fix compatibility with Python 2.6

### v1.0.20160812
 - implement SSH version compatibility feature
 - fix wrong mac algorithm warning
 - fix Dropbear SSH version typo
 - parse pre-banner header
 - better errors handling

### v1.0.20160803
 - use OpenSSH 7.3 banner
 - add new key-exchange algorithms

### v1.0.20160207
 - use OpenSSH 7.2 banner
 - additional warnings for OpenSSH 7.2 
 - fix OpenSSH 7.0 failure messages
 - add rijndael-cbc failure message from OpenSSH 6.7

### v1.0.20160105
 - multiple additional warnings
 - support for none algorithm
 - better compression handling  
 - ensure reading enough data (fixes few Linux SSH)  

### v1.0.20151230
 - Dropbear SSH support  

### v1.0.20151223
 - initial version
Init project. 2015-12-23 03:56:13 +01:00			`# ssh-audit`
Travis CI emblem. 2016-09-28 15:23:27 +02:00			`[![build status](https://api.travis-ci.org/arthepsy/ssh-audit.svg)](https://travis-ci.org/arthepsy/ssh-audit)`
Initial readme. 2015-12-23 04:52:21 +01:00			`ssh-audit is a tool for ssh server auditing.`

			`## Features`
Release 1.5.0. 2016-09-20 11:26:14 +02:00			`- SSH1 and SSH2 protocol server support;`
			`- grab banner, recognize device or software and operating system, detect compression;`
Initial readme. 2015-12-23 04:52:21 +01:00			`- gather key-exchange, host-key, encryption and message authentication code algorithms;`
			`- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);`
Release 1.5.0. 2016-09-20 11:26:14 +02:00			`- output security information (related issues, assigned CVE list, etc);`
Clarify SSH version compatibility feature. 2016-08-12 15:33:34 +02:00			`- analyze SSH version compatibility based on algorithm information;`
new release 2015-12-30 12:17:58 +01:00			`- historical information from OpenSSH and Dropbear SSH;`
Release 1.5.0. 2016-09-20 11:26:14 +02:00			`- no dependencies, compatible with Python2 and Python3;`
Initial readme. 2015-12-23 04:52:21 +01:00
			`## Usage`
			```
Document new arguments. 2016-09-02 17:08:15 +02:00			`usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]>`
Initial readme. 2015-12-23 04:52:21 +01:00
Release 1.5.0. 2016-09-20 11:26:14 +02:00			`-1, --ssh1 force ssh version 1 only`
Fix typo in README.md 2016-09-24 22:02:39 +02:00			`-2, --ssh2 force ssh version 2 only`
Document new arguments. 2016-09-02 17:08:15 +02:00			`-b, --batch batch output`
			`-n, --no-colors disable colors`
			`-v, --verbose verbose output`
			`-l, --level=<level> minimum output level (info\|warn\|fail)`

Initial readme. 2015-12-23 04:52:21 +01:00			```
Document new arguments. 2016-09-02 17:08:15 +02:00			* batch flag `-b` will output sections without header and without empty lines (implies verbose flag).
			* verbose flag `-v` will prefix each line with section type and algorithm name.
Initial readme. 2015-12-23 04:52:21 +01:00
			`### example`
Release v1.0.20160812. 2016-08-12 15:29:51 +02:00			`![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png)`
Initial readme. 2015-12-23 04:52:21 +01:00
			`## ChangeLog`
Release 1.5.0. 2016-09-20 11:26:14 +02:00
			`### v1.5.0 (2016-09-20)`
			`- create security section for related security information`
			`- match and output assigned CVE list and security issues for Dropbear SSH`
			`- implement full SSH1 support with fingerprint information`
			`- automatically fallback to SSH1 on protocol mismatch`
			`- add new options to force SSH1 or SSH2 (both allowed by default)`
			`- parse banner information and convert it to specific sofware and OS version`
			`- do not use padding in batch mode`
			`- several fixes (Cisco sshd, rare hangs, error handling, etc)`

Document changes. 2016-09-02 17:10:16 +02:00			`### v1.0.20160902`
			`- implement batch output option`
			`- implement minimum output level option`
			`- fix compatibility with Python 2.6`

Release v1.0.20160812. 2016-08-12 15:29:51 +02:00			`### v1.0.20160812`
Clarify SSH version compatibility feature. 2016-08-12 15:33:34 +02:00			`- implement SSH version compatibility feature`
Release v1.0.20160812. 2016-08-12 15:29:51 +02:00			`- fix wrong mac algorithm warning`
			`- fix Dropbear SSH version typo`
			`- parse pre-banner header`
			`- better errors handling`

Add new key-exchange algorithms. Use OpenSSH 7.3 banner. 2016-08-03 16:32:46 +02:00			`### v1.0.20160803`
			`- use OpenSSH 7.3 banner`
			`- add new key-exchange algorithms`

Update ChangeLog. 2016-03-07 12:01:57 +01:00			`### v1.0.20160207`
			`- use OpenSSH 7.2 banner`
			`- additional warnings for OpenSSH 7.2`
			`- fix OpenSSH 7.0 failure messages`
			`- add rijndael-cbc failure message from OpenSSH 6.7`

Document changes. 2016-01-05 13:14:50 +01:00			`### v1.0.20160105`
Document changes. 2016-01-05 17:04:49 +01:00			`- multiple additional warnings`
			`- support for none algorithm`
Document changes. 2016-01-05 13:14:50 +01:00			`- better compression handling`
			`- ensure reading enough data (fixes few Linux SSH)`

new release 2015-12-30 12:17:58 +01:00			`### v1.0.20151230`
			`- Dropbear SSH support`

Initial readme. 2015-12-23 04:52:21 +01:00			`### v1.0.20151223`
			`- initial version`