Comments (17)
@immanuelfodor @Athanasius @Mjolinir @StewAlexanderACC @moralrebuild @drakkhen @barkingdog69 : I just merged my "all_my_patches" branch to master: https://github.com/jtesta/ssh-audit/ This has the three PRs (#30, #31, #32) which add new algorithms, host key checks, certificate checks, and DH group checks.
I've tried reaching out to arthepsy repeatedly in the last two years about either merging my PRs, or formally handing over maintainership. I rarely heard back, so its time for us to just move on. I'll continue maintenance under my own fork, and I'll accept PRs and suggestions from the community.
Early next week I'll add in new algorithms and make an official release. In the meantime, please star/watch/fork my repo!
P.S. I've been operating the ssh-audit.com website for almost two years now (its a web front-end to the command line tool). It gets some pretty good traffic on a daily basis, so I'm invested in keeping the tool up-to-date.
from ssh-audit.
Just now, I've released v2.0.0 with several major improvements!: https://github.com/jtesta/ssh-audit/releases/tag/v2.0.0
from ssh-audit.
@arthepsy If you're looking for a new maintainer of this project, I'd be happy to do it. I submitted the host key and moduli PRs back in 2017 (which are still open), and I've got more ideas for improvements.
from ssh-audit.
+1
This project started out awesome and looked really promising. But itβs useless if itβs not kept current.
from ssh-audit.
keep it update pls
from ssh-audit.
Looks like there's been no work on this in 3 years?
from ssh-audit.
@jtesta If you decide to fork this project, that would be awesome, please post here to let us know
from ssh-audit.
Please point me in the right direction to an up-to-date fork, this project used to be awesome as a local testing tool without 3rd party involvement.
from ssh-audit.
Hmm, according to the network graph, it's https://github.com/jtesta/ssh-audit/tree/all_my_patches but still 2 years old π
from ssh-audit.
I'm another happy user who is looking for an updated version of this.
from ssh-audit.
By the way, I have OpenSSH_8.0p1, OpenSSL 1.1.1c 28 May 2019
. Are there such recommendations somewhere like the ssh-audit prints at the end for OpenSSH 7.6? We could check that manually.
from ssh-audit.
Thanks for that! I've Start'd and starting Watch'ing your repo, and updated my .git/config to these remotes (rather than arthespy's as origin):
[remote "arthepsy"]
url = https://github.com/arthepsy/ssh-audit.git
fetch = +refs/heads/*:refs/remotes/origin/*
[remote "jtesta"]
url = https://github.com/jtesta/ssh-audit.git
fetch = +refs/heads/*:refs/remotes/jtesta/*
[remote "origin"]
url = https://github.com/jtesta/ssh-audit.git
fetch = +refs/heads/*:refs/remotes/jtesta/*```
from ssh-audit.
Thanks all for the feedback and @jtesta for all the work.
from ssh-audit.
Thanks, I'm heading over there and opening a ticket for adding OpenSSH 8 recommendations :D
from ssh-audit.
Hmmm, there is no Issues tab on your repo
from ssh-audit.
@jtesta Great news, and thank you so much for the work, will check out your repo! Will be eagerly awaiting your first release.
from ssh-audit.
Do you think renaming would be suitable? In case upstream awakens again and starts to develop (without accepting the currently proposed patches)?
from ssh-audit.
Related Issues (20)
- Detect weak Diffie-Hellman parameters HOT 2
- Bare ipv6 addresses don't work HOT 2
- Question about nistp256 etc HOT 3
- algorithm recommendations for OpenSSH 6.7 HOT 3
- `[exception] did not receive banner.` exception HOT 8
- Please do not import colorama on posix systems
- Feature request: detect SSHFP DNS records and compare with server fingerprint HOT 3
- SSH version 1 should be removed
- publish to pypi? HOT 1
- Add ProFTPd to known SSH softwares
- New algorithms HOT 3
- Recognize curve25519-sha256 in addition to [email protected] HOT 2
- feature-request : support options in any order
- Add install / run instructions to README
- Add support for RFC 8308
- Add support for new quantum-resistant key exchange HOT 2
- Why is there a warning about encrypt-and-mac? HOT 5
- Add support for OpenSSH user configuration files HOT 2
- nada
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh-audit.