1
0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-01-12 03:01:00 +01:00
Commit Graph

530 Commits

Author SHA1 Message Date
Jürgen Gmach
cd58a6180f
Remove unused variables ()
When you get multiple values from unpacking, and you do not need all of
them, there is the convention to assign `_` to the unused ones.

modified:   ssh-audit.py
2020-10-01 19:48:07 -04:00
Joe Testa
ca4ebc56f9 Docker images are now pulled from Dockerhub by default. 2020-10-01 19:42:48 -04:00
Joe Testa
2a87860e84 Added 1 new cipher: des-cbc@ssh.com. Bumped version. 2020-09-29 15:03:41 -04:00
Joe Testa
6067da6793 Updated packaging notes and snap build process. 2020-09-29 10:24:36 -04:00
Joe Testa
c8a1db33c8 Fixed pylint warnings regarding bad indendation. 2020-09-28 13:56:39 -04:00
Joe Testa
32684ddc84 Removed reference to deleted dev branch. 2020-09-28 13:51:18 -04:00
Joe Testa
da4f114b9c Updated Windows build instructions. 2020-09-27 19:32:23 -04:00
Joe Testa
dc0a959402 Use brighter colors on Windows for better readability. Disable unicode characters on Windows since the default terminal does not display them properly. 2020-09-27 19:29:29 -04:00
Joe Testa
eb1588ddc7 Added release date for v2.3.0. Added link for policy tutorial. 2020-09-27 17:12:10 -04:00
Joe Testa
b7d698d743 Added policy for hardened OpenSSH v8.4. 2020-09-27 17:04:43 -04:00
Joe Testa
b0c00749a6 Improved formatting of usage examples. Added link to web front-end. 2020-09-27 13:24:37 -04:00
Joe Testa
6e3e8bac74 Added policy audit examples and additional usage examples. 2020-09-27 13:13:38 -04:00
Joe Testa
632adc076a Policy check output now prints port number, if applicable. 2020-09-27 11:48:15 -04:00
Joe Testa
13b065b316 Added CONTRIBUTING.md (). 2020-09-26 22:06:49 -04:00
Joe Testa
a7581e07dc Added explicit statement regarding fork (). 2020-09-26 20:14:29 -04:00
Joe Testa
4cae6aff43 Added 6 new host key types: 'spi-sign-rsa', 'ssh-ed448', 'x509v3-ecdsa-sha2-nistp256', 'x509v3-ecdsa-sha2-nistp384', 'x509v3-ecdsa-sha2-nistp521', 'x509v3-rsa2048-sha256'. Added 5 new key exchanges: 'gss-group14-sha256-', 'gss-group15-sha512-', 'gss-group16-sha512-', 'gss-nistp256-sha256-', 'gss-curve25519-sha256-'. 2020-09-26 19:32:19 -04:00
Joe Testa
3e20f7c622 Fixed optional host key values. 2020-08-12 15:26:18 -04:00
Joe Testa
1123ac718c Send peer a list of supported algorithms after the banner exchange. Fixes not only the weird case of an ssh-audit client hanging against an ssh-audit server, but perhaps some real-world hangs as well. 2020-08-11 20:11:42 -04:00
Joe Testa
6d84cfdc31 Updated program return values for various connection error instances and unknown errors. 2020-08-11 19:45:59 -04:00
Joe Testa
c7ad1828d8 Fixed return value processing and mypy warning in algorithm_lookup(). Updated help listing, man page, and README. 2020-08-11 19:28:53 -04:00
thecliguy
86cb453928
Algorithm lookup ()
* Adding ssh-audit.py to algorithm_lookup_branch

* Removed the use of an error handler from algorithm_lookup and implemented suggestions made by jugmac00 and jtesta
2020-08-11 19:02:35 -04:00
Joe Testa
0c00b37328 Added .deepsource.toml for DeepSource integration. 2020-07-30 12:08:18 -04:00
Joe Testa
936acfa37d Added more structure to JSON result when policy errors are found. 2020-07-29 12:36:08 -04:00
Joe Testa
b5d7f73125 When an unexpected exit code is returned, print more debugging info. 2020-07-29 12:31:24 -04:00
Joe Testa
6a7bed06d7 Added two new key exchanges: 'kexAlgoCurve25519SHA256' and 'Curve25519SHA256'. 2020-07-28 21:17:29 -04:00
Joe Testa
41e69dd6f2 Alphabetized options in usage message and README. 2020-07-16 12:07:02 -04:00
Joe Testa
25faeb4c59 Added new man page. 2020-07-16 11:48:35 -04:00
Joe Testa
8051078524 When a list of targets is provided (-T), skip empty lines. 2020-07-16 10:19:36 -04:00
Joe Testa
cf815a6652 Added hardened OpenSSH policies. 2020-07-15 14:35:18 -04:00
Joe Testa
2d4eb7da28 Renamed policies to include 'Hardened' in title. 2020-07-15 14:33:10 -04:00
Joe Testa
68a420ff00 Added policy support for optional host key types, like certificates and smart card-based types. 2020-07-15 14:32:14 -04:00
Joe Testa
17f5eb0b38 Added -L option to list built-in policies. 2020-07-14 19:38:10 -04:00
Joe Testa
b95969bbc0 Policy output now more clearly prints the policy version. 2020-07-14 17:38:15 -04:00
Joe Testa
00ce44e728 Added Ubuntu client policies. 2020-07-14 17:18:35 -04:00
Joe Testa
8fb07edafd Added 'client policy' field in policy files to distinguish server from client policies. 2020-07-14 17:14:47 -04:00
Joe Testa
b27d768c79 Print client IP in output when doing policy audits. 2020-07-14 14:01:08 -04:00
Joe Testa
cb54c2bf33 Moved Windows build instructions to packages directory. 2020-07-14 11:03:35 -04:00
Joe Testa
85f14720cb Added 3 new host keys: ssh-gost2001, ssh-gost2012-256, and ssh-gost2012-512. 2020-07-14 10:43:18 -04:00
Jürgen Gmach
1410894f45
Update description for targets argument ()
`targets` takes a file containing a list of target hosts, one on each
line.

Added required format, ie HOST:PORT.

modified:   ssh-audit.py
2020-07-14 10:35:54 -04:00
Joe Testa
381ba1a660 Now supports a list of targets with -T (). 2020-07-13 18:39:05 -04:00
Joe Testa
8e3f3c6044 Updated PyPI notes. 2020-07-11 12:42:11 -04:00
Joe Testa
f80e3f22ce Now returns -1 when an uncaught exception is found. 2020-07-07 16:31:44 -04:00
Joe Testa
49bd2c96a8 Added return values for standard scans. 2020-07-07 15:56:37 -04:00
Joe Testa
103b8fb934 Added official policies for hardened Ubuntu 16.04, 18.04, and 20.04. 2020-07-06 16:16:52 -04:00
Joe Testa
1faa24ad86 Do not accidentally overwrite policies when creating new policy with -M. 2020-07-06 16:15:26 -04:00
Joe Testa
adc1007d7d Mark 'gss-group1-sha1-' kex as failure due to 1024-bit modulus. 2020-07-04 09:41:46 -04:00
Jürgen Gmach
8a406dd9d2
Simplify mypy config ()
Instead of specifying stricter checks one by one, just run `mypy` in
`strict` mode.

modified:   tox.ini
2020-07-04 09:39:43 -04:00
Joe Testa
d717f86238 Added check for use-after-free vulnerability in PuTTY v0.73. 2020-07-03 15:07:34 -04:00
Jürgen Gmach
bf1fbbfa43
Fix RuntimeError for the JSON export ()
* Fix RuntimeError for the JSON export

It is never a good idea to modify an iterable while iterating over it.

Copying the iterable fixes 

modified:   ssh-audit.py

* Add test case for 

new file:   test/test_build_struct.py

* Fix linting error

modified:   test/test_build_struct.py
2020-07-03 14:56:46 -04:00
Joe Testa
282770e698 Added 'ssh-dss-sha256@ssh.com' host key type, 'crypticore128@ssh.com' and 'seed-cbc@ssh.com' ciphers, and 'crypticore-mac@ssh.com' MAC. 2020-07-01 14:32:55 -04:00