Git/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-10-31 05:25:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added note regarding general OpenSSH policies failing against platforms with back-ported features. (#236)

Browse Source
This commit is contained in:
Joe Testa
2024-01-28 17:37:21 -05:00
parent fe65b5df8a
commit b72f6a420f
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/ssh_audit/ssh_audit.py
View File

@@ -814,6 +814,7 @@ def list_policies(out: OutputBuffer) -> None:
out.fail("Error: no built-in policies found!") out.fail("Error: no built-in policies found!")
else: else:
out.info("\nHint: Use -P and provide the full name of a policy to run a policy scan with.\n") out.info("\nHint: Use -P and provide the full name of a policy to run a policy scan with.\n")
out.info("Note: the general OpenSSH policies apply to the official releases only. OS distributions may back-port changes that cause failures (for example, Debian 11 back-ported the strict KEX mode into their package of OpenSSH v8.4, whereas it was only officially added to OpenSSH v9.6 and later). In these cases, consider creating a custom policy (-M option).\n")
out.write() out.write()