ssh-audit

Git/ssh-audit

Fork 0

mirror of https://github.com/jtesta/ssh-audit.git synced 2025-03-31 06:53:37 +02:00

Commit Graph

Select branches

Hide Pull Requests

master

#101

#104

#105

#113

#116

#12

#123

#125

#126

#131

#134

#135

#142

#150

#157

#158

#160

#162

#171

#182

#185

#187

#194

#196

#20

#212

#215

#218

#233

#242

#244

#249

#252

#259

#259

#264

#264

#266

#267

#271

#276

#277

#278

#281

#285

#286

#287

#289

#29

#302

#303

#304

#306

#307

#307

#318

#318

#319

#319

#329

#329

#35

#37

#38

#39

#40

#43

#44

#45

#48

#50

#53

#58

#62

#68

#69

#71

#80

#84

#85

#88

#92

#93

#95

#99

v1.5.0

v1.6.0

v1.7.0

v2.0.0

v2.1.0

v2.1.1

v2.2.0

v2.3.0

v2.3.1

v2.4.0

v2.5.0

v2.9.0

v3.0.0

v3.1.0

v3.2.0

v3.3.0

5fbcb1b90f Added 24 new key exchanges: 'ecdh-sha2-1.3.132.0.1', 'ecdh-sha2-1.2.840.10045.3.1.1', 'ecdh-sha2-1.3.132.0.33', 'ecdh-sha2-1.3.132.0.26', 'ecdh-sha2-1.3.132.0.27', 'ecdh-sha2-1.2.840.10045.3.1.7', 'ecdh-sha2-1.3.132.0.16', 'ecdh-sha2-1.3.132.0.34', 'ecdh-sha2-1.3.132.0.36', 'ecdh-sha2-1.3.132.0.37', 'ecdh-sha2-1.3.132.0.35', 'ecdh-sha2-1.3.132.0.38', 'ecdh-sha2-4MHB+NBt3AlaSRQ7MnB4cg==', 'ecdh-sha2-5pPrSUQtIaTjUSt5VZNBjg==', 'ecdh-sha2-VqBg4QRPjxx1EXZdV0GdWQ==', 'ecdh-sha2-zD/b3hu/71952ArpUG4OjQ==', 'ecdh-sha2-qCbG5Cn/jjsZ7nBeR7EnOA==', 'ecdh-sha2-9UzNcgwTlEnSCECZa7V1mw==', 'ecdh-sha2-wiRIU8TKjMZ418sMqlqtvQ==', 'ecdh-sha2-qcFQaMAMGhTziMT0z+Tuzw==', 'ecdh-sha2-m/FtSAmrV4j/Wy6RVUaK7A==', 'ecdh-sha2-D3FefCjYoJ/kfXgAyLddYA==', 'ecdh-sha2-h/SsxnLCtRBh7I9ATyeB3A==', 'ecdh-sha2-mNVwCXAoS1HGmHpLvBC94w=='. Joe Testa 2021-10-20 22:25:20 -04:00
b04acc3737 Updated README. Joe Testa 2021-10-15 00:19:04 -04:00
4ace52a190 Now prints a more user-friendly error message when installed as a Snap package and permission errors are encountered. Updated the Snap build process as well. Joe Testa 2021-10-14 23:56:03 -04:00
22a9559a82 Now supports Python 3.10. Joe Testa 2021-10-14 00:01:23 -04:00
57e6c0246d Updated pylint disable list. Joe Testa 2021-10-13 23:55:49 -04:00
80a718a5af Fixed broken Python 3.10 config. Joe Testa 2021-10-13 23:46:50 -04:00
1f0b3acff2

Complete "target" in the JSON output with the port (#123) tomatohater1337 2021-10-14 05:44:55 +02:00
cdc379d6df Added Python 3.10 to Github Actions testing. Joe Testa 2021-10-07 11:06:32 -04:00
9f87acfc74 Bumped version to v2.6.0-dev. Joe Testa 2021-08-27 11:25:27 -04:00
597b500eba

Minor cleanups (#116) a1346054 2021-08-27 15:19:18 +00:00
96efb3efb4 Bumped copyright year. Joe Testa 2021-08-26 16:44:06 -04:00
ce5939856c Removed Homebrew from list of pre-built packages. Joe Testa 2021-08-26 16:36:31 -04:00
7f74731351 Bumped version number. Joe Testa 2021-08-26 16:36:06 -04:00
8c4855ffa2 Updated Snap notes. Joe Testa 2021-08-26 16:35:53 -04:00
4f2f995b62 Bumped version to v2.5.0. v2.5.0 Joe Testa 2021-08-26 15:24:34 -04:00
134236fa7f Fixed badge link. Joe Testa 2021-08-26 14:39:24 -04:00
a6b658d194 Updated badges. Joe Testa 2021-08-26 13:12:13 -04:00
297a807f88 Added Github Actions support. Joe Testa 2021-08-26 12:47:48 -04:00
20d94df400 Updated Windows packaging instructions. Joe Testa 2021-08-26 12:18:06 -04:00
b76060cf49 Updated Tox test section. Joe Testa 2021-08-26 12:16:39 -04:00
1cf1c874db Added Python 3.10 support. Joe Testa 2021-08-26 10:56:43 -04:00
992d8233c9 Remove cache files created during build. Joe Testa 2021-08-26 10:47:43 -04:00
f377b7cea3 Now prompts user for release version, cleans up cached files from previous invokation, and resets all local changes upon completion. Joe Testa 2021-08-26 10:39:11 -04:00
70d9ab2e6b Check if -dev is in version string. (#106) Joe Testa 2021-08-25 14:24:10 -04:00
e7d320f602 Fixed new pylint warnings. Joe Testa 2021-08-25 13:28:30 -04:00
682cb66f85 Added OpenSSH v8.6 & v8.7 policies. Joe Testa 2021-08-25 12:30:38 -04:00
076681a671 Added 3 new key exchanges: gss-gex-sha1-eipGX3TCiQSrx573bT1o1Q==, gss-group1-sha1-eipGX3TCiQSrx573bT1o1Q==, gss-group14-sha1-eipGX3TCiQSrx573bT1o1Q== Joe Testa 2021-07-08 10:18:25 -04:00
98a1fb0315 Added two new MACs: 'AEAD_AES_128_GCM', and 'AEAD_AES_256_GCM'. Joe Testa 2021-06-28 21:59:41 -04:00
45da9f20ae Added 'rsa-sha2-512' and 'rsa-sha2-256' to OpenSSH 8.1 (and earlier) policies. Joe Testa 2021-05-31 15:49:56 -04:00
aa21df29e7 Now handles exceptions during server KEX parsing more gracefully. Joe Testa 2021-05-24 19:50:25 -04:00
32ed9242af Now prints JSON with indents when is used (useful for debugging). Joe Testa 2021-05-20 19:04:35 -04:00
07862489c4 Added MD5 fingerprint hashes to verbose output. Joe Testa 2021-05-20 18:03:24 -04:00
e508a963e7 Added 1 new MAC: hmac-ripemd160-96. Joe Testa 2021-05-20 14:17:37 -04:00
2f1a2a60b1

Added ToC to README.md (#101) thecliguy 2021-03-04 23:23:12 +00:00
5eb669e01c Updated README. Joe Testa 2021-03-02 11:27:40 -05:00
8e9fe20fac SSH_Socket's constructor now takes an OutputBuffer for verbose & debugging output. Joe Testa 2021-03-02 11:25:37 -05:00
83bd049486

Debug Logging and visibility of SSH Connection errors (#99) thecliguy 2021-03-02 16:06:40 +00:00
c483fe1861 Fixed a crash while doing host key tests. Joe Testa 2021-02-26 16:01:30 -05:00
741bd631e2 Updated packaging instructions. Joe Testa 2021-02-24 10:18:12 -05:00
f96c0501e9 Bumped version number. v2.4.0 Joe Testa 2021-02-23 20:39:18 -05:00
446a411424 Added build_windows_executable.sh. Joe Testa 2021-02-23 19:54:12 -05:00
b300ad1252 Refactored IPv4/6 preference logic to fix pylint warnings. Joe Testa 2021-02-23 16:05:01 -05:00
1bbc3feb57 Added OpenSSH 8.5 built-in policy. Added sntrup761x25519-sha512@openssh.com kex. Joe Testa 2021-02-23 16:02:20 -05:00
8f9771c4e6 Added markdown to PACKAGING. Joe Testa 2021-02-23 09:46:58 -05:00
8a8c284d9a

Colour no longer disabled on older vers of Windows. If ssh-audit invoked with a manual parameter and the colorama library was not imported then colour output is disabled. (#95) thecliguy 2021-02-18 19:52:08 +00:00
1b7cfbec71 Disable color output on Windows 8 and Windows Server 2012. Joe Testa 2021-02-06 11:03:39 -05:00
3c0fc8ead4 Updated README. Joe Testa 2021-02-05 22:12:27 -05:00
ef831d17e0 When -n/--no-colors is used, strip out color from Windows man page. Joe Testa 2021-02-05 21:45:56 -05:00
36094611ce Fixed unicode errors when printing the man page on Windows. Joe Testa 2021-02-05 20:39:12 -05:00
49cf91a902 No longer ignoring mypy and pylint results. Joe Testa 2021-02-05 16:26:14 -05:00
11e2e77585 Simplified Windows man page processing. Added Cygwin support to update_windows_man_page.sh. Joe Testa 2021-02-05 16:25:04 -05:00
090b5d760b

Man Page on Windows (#93) thecliguy 2021-02-05 20:43:50 +00:00
7878d66a46 Now using Python 3.9 base image. Joe Testa 2021-02-02 13:25:52 -05:00
730d6904c2 Updated README. Joe Testa 2021-02-02 12:22:50 -05:00
e0f0956edc Added extra warnings for SSHv1. (#6) Joe Testa 2021-02-02 12:20:37 -05:00
d42725652f Updated README. Joe Testa 2021-02-02 09:54:10 -05:00
6b67a2efb3

Add your local server config to .gitignore (#84) Ruben Barkow-Kuder 2021-02-02 01:26:57 +01:00
c49a0fb22f Upgraded SHA-1 key signatures from warnings to failures. Added deprecation warning to ssh-rsa-cert-v00@openssh.com, ssh-rsa-cert-v01@openssh.com, x509v3-sign-rsa, and x509v3-ssh-rsa host key types. Joe Testa 2021-02-01 19:19:46 -05:00
dbe14a075e

Added future deprecation notice of ssh-rsa (#92) thecliguy 2021-02-01 18:17:46 +00:00
13d15baa2a Added multi-threaded scanning support. Joe Testa 2021-02-01 13:10:06 -05:00
bbb81e24ab Streamlined sending of KEXINIT messages. Joe Testa 2021-01-21 11:23:40 -05:00
bbbd75ee69 Tox will now fail on pylint or typing problems. Joe Testa 2021-01-21 10:47:52 -05:00
60de5e55cb Transformed comment type annotations to variable declaration annotations. Joe Testa 2021-01-21 10:20:48 -05:00
4e2f9da632 Updated README. Joe Testa 2021-01-21 07:53:09 -05:00
287c551ff8 Removed Python 3.5 support. Joe Testa 2021-01-20 20:47:26 -05:00
d9a4b49560 Removed Python 3.5 support. Added ARM64 testing in Travis. Joe Testa 2021-01-20 15:58:48 -05:00
a4c78512d8

Add support to ppc64le (#88) gururajrkatti 2021-01-21 02:24:55 +05:30
1ba4c7c7ca Send KEX before reading server's KEX during host key and GEX tests; this prevents deadlock against certain server implementations. Joe Testa 2021-01-20 15:27:38 -05:00
338ffc5adb Fixed crash when receiving unexpected response during host key test. Joe Testa 2020-11-05 20:29:39 -05:00
52d1e8f27b Fixed pylint warning. Joe Testa 2020-11-05 20:28:14 -05:00
00dc22b00b Delete output directory only upon successful run to make debugging easier. Joe Testa 2020-11-05 20:25:34 -05:00
0d9881966c Added version check for OpenSSH user enumeration (CVE-2018-15473). (#83) Joe Testa 2020-11-05 20:24:09 -05:00
5c8dc5105b Bumped version number. Joe Testa 2020-11-05 20:16:35 -05:00
75be333bd2 Updated packaging instructions and merged Windows instructions. Joe Testa 2020-10-28 21:01:47 -04:00
81ae0eb8f7 Bumped version. v2.3.1 Joe Testa 2020-10-28 19:25:11 -04:00
efec566382 Now testing with stable version of Python 3.9. (#77) Joe Testa 2020-10-28 13:04:09 -04:00
edbbad5aee Updated README. Joe Testa 2020-10-28 12:03:37 -04:00
a3e4f9dbaa

Added similar algorithm suggestions to --lookup (#80) thecliguy 2020-10-28 15:56:12 +00:00
c2da269f06 Added missing tests. Joe Testa 2020-10-21 19:40:22 -04:00
0cb3127482 Fixed pylint warnings. Joe Testa 2020-10-21 19:36:43 -04:00
85c0f854e3 Added Travis status. Joe Testa 2020-10-21 19:36:00 -04:00
f0db035044 Now prints a graceful error message when policy file is not found. Joe Testa 2020-10-20 23:26:21 -04:00
1730126af8 Removed 'ssh-rsa-cert-v01@openssh.com' from built-in policies. Joe Testa 2020-10-20 23:19:56 -04:00
175bd2cf66 Fixed recommendation output function from suppressing some algorithms inappropriately. Joe Testa 2020-10-20 21:34:34 -04:00
53300047e5 Docker testing now continues regardless of failures (makes fixing multiple broken tests much easier). Joe Testa 2020-10-20 21:26:06 -04:00
619efc7349 Flag 'ssh-rsa-cert-v01@openssh.com' as unsafe due to SHA-1 hash. Joe Testa 2020-10-20 17:39:34 -04:00
ec48249deb Now reports policy errors in an easier to read format. (#63) Joe Testa 2020-10-20 16:25:39 -04:00
ec76dac2fc Suppressed pylint warning. Joe Testa 2020-10-20 16:21:56 -04:00
1acfb01e61 Updated Snap instructions & Makefile.snap. Joe Testa 2020-10-20 15:30:04 -04:00
f893a8031f Updated PyPI packaging instructions & Makefile.pypi. Joe Testa 2020-10-20 14:04:14 -04:00
240b705d61 OpenSSH-portable patch level 1 now considered equivalent to stock OpenBSD version. Joe Testa 2020-10-20 13:17:32 -04:00
17780ff194 Added support for building official docker images. (#76) Joe Testa 2020-10-20 11:31:50 -04:00
83d8014a50 Fixed OpenSSH patch version comparison. (#74) Joe Testa 2020-10-19 18:49:52 -04:00
2bb31b306f Added Python 3.9-dev testing to Tox and Travis. Joe Testa 2020-10-19 18:01:17 -04:00
8fa3a12057 Parse public key sizes for 'rsa-sha2-256-cert-v01@openssh.com' and 'rsa-sha2-512-cert-v01@openssh.com' host key types. Include expected CA key sizes in built-in policies. Joe Testa 2020-10-19 17:42:12 -04:00
046c866da4 Moved built-in policies from external files to internal database. (#75) Joe Testa 2020-10-19 17:27:37 -04:00
2a7b9292bb Updated README.md Joe Testa 2020-10-15 20:36:08 -04:00
fa488e25a3 Added pylint exclusions. Joe Testa 2020-10-15 15:04:16 -04:00
1a5c0e7fad Split ssh_audit.py into separate files (#47). Joe Testa 2020-10-15 14:34:23 -04:00
e9df9ee45c Updated README. Joe Testa 2020-10-11 14:44:28 -04:00