Scribd
Upload
16 views

SSH Configuration Auditor

This document describes an online tool that audits SSH server and client configurations and provides a report on vulnerabilities and weaknesses. The tool scans a target server or analyzes a client connection to assess the security of encryption, authentication, and key exchange protocols being used.

Uploaded by

Mobiwank
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
16 views

SSH Configuration Auditor

This document describes an online tool that audits SSH server and client configurations and provides a report on vulnerabilities and weaknesses. The tool scans a target server or analyzes a client connection to assess the security of encryption, authentication, and key exchange protocols being used.

Uploaded by

Mobiwank
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

01/02/2023 23:16 SSH Configuration Auditor

Home SSH Hardening Guides Contact

About

This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.

Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many
operating systems are optimized for compatibility, not security.

To see a sample report, click here.

Server Audit

To audit a server configuration, enter its hostname or IPv4/IPv6 address:

Target SSH Server: 201.55.91.90 Port: 4443

Next, choose the scan type (What is the difference?):

Standard Audit Policy Audit: Hardened OpenSSH Server v8.5 (version 1)

Scan

Failed to connect to server.

Client Audit

To audit a client configuration, click the button below. A listener will begin on a random port on the ssh-audit.com server.
With any username, simply connect to it within 45 seconds.

Begin Client Audit

SSH Audit Results For Client

Host Keys: 8 of 8 passing (100%)

A+ Key Exchanges:
Ciphers:
MACs:
6 of 6 passing (100%)
5 of 5 passing (100%)
2 of 2 passing (100%)

Score: 100 / 100

Client Details
IP Address: 189.8.84.130

Banner: SSH-2.0-OpenSSH_8.7

Host Key Types

https://www.sshaudit.com/# 1/2
01/02/2023 23:16 SSH Configuration Auditor

ssh-ed25519-cert-
[email protected]

sk-ssh-ed25519-cert-
[email protected]

rsa-sha2-512-cert-
[email protected]

rsa-sha2-256-cert-
[email protected]

ssh-ed25519

[email protected]

rsa-sha2-512

rsa-sha2-256

Key Exchange Algorithms


curve25519-sha256

[email protected]

diffie-hellman-group-exchange-
sha256

diffie-hellman-group14-sha256

diffie-hellman-group16-sha512

diffie-hellman-group18-sha512

Encryption Ciphers
[email protected]

chacha20-
[email protected]

aes256-ctr

[email protected]

aes128-ctr

Message Authentication Codes


hmac-sha2-256-
[email protected]

hmac-sha2-512-
[email protected]

sshaudit.com Copyright 2017-2023 Positron Security. Our services include penetration testing and application auditing.

SSH scanning is done using the ssh-audit tool.

https://www.sshaudit.com/# 2/2

You might also like