arthepsy / ssh-audit
SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
License: MIT License
There's the sshd -T feature. It checks the validity of the /etc/ssh/sshd_config configuration file and outputs the effective configuration to stdout and then exits.
I thought this may be an interesting and easy way to audit the effective server settings.
I.e. it would be possible to not only check the configured algorithms but also insecure or dangerous features (e.g. X11Forwarding, Agent-Forwarding, etc).
Obviously, this check would only run locally (i.e. not remote) but it would make sshd hardening easier.
I think it's deprecated?
You could simplify the code by simply removing almost all version 1 code from the script. Just tell the user that version 1 is insecure and unsupported. OpenSSH has removed all SSH version 1 code from their implementation since 7.6.
In my case I can only reach my servers through a ProxyJump in my SSH configuration. It seems there currently isn't a way to run ssh-audit against those servers behind a jump host.
I would like to request a feature to support this scenario.
You are using the "{}".format() that is not compatible with my python 2.6.9:
~ # ./ssh-audit.py -v ts01lin
# general
[info] banner: SSH-2.0-OpenSSH_6.6.1
Traceback (most recent call last):
File "./ssh-audit.py", line 619, in <module>
main()
File "./ssh-audit.py", line 615, in main
output(banner, header, kex)
File "./ssh-audit.py", line 551, in output
output_compatibility(kex)
File "./ssh-audit.py", line 536, in output_compatibility
comp_text.append('{} {}-{}'.format(sshd_name, v[0], v[1]))
ValueError: zero length field name in format
Since colorama isn't needed on posix systems, don't even import it. Please add os.name != 'posix' for it so that it is clear that it isn't needed.
Using the git version of ssh-audit, curve25519-sha256 is currently flagged as an unknown algorithm whereas curve25519-sha256@libssh.org is correctly identified.
Looking at the sshd_config man page for OpenSSH 7.6p1, both are valid for KexAlgorithms. The default sequence is listed as
curve25519-sha256,curve25519-sha256@libssh.org,
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
diffie-hellman-group14-sha1
Some software such as SecureCRT 8.5.2 require the usage of curve25519-sha256 instead of curve25519-sha256@libssh.org
Would be great to have the output in some format that is easy to parse. I am thinking of something like the 'greppable' output of nmap (-oG).
What do you think about the idea of a SSH client audit feature?
Of course, admins can configure a good and up-to-date system-wide client config (/etc/ssh/ssh_config). However, users also have their own (and often ancient!) settings in ~/.ssh/config. AFAIK there is no tool that audits the client settings and gives recommendations.
When I discovered the ssh -G host option (available since OpenSSH 6.8) I thought this may be an interesting and easy way to audit the effective client settings for the respective destination.
Also, it would be possible to not only check the configured algorithms but also insecure or dangerous features (e.g. X11Forwarding, Agent-Forwarding, etc).
It could look like this:
$ ssh-audit -c host
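Both the sshd -T idea above and the ssh -G client-audit idea rest on the same mechanism: each command prints the effective configuration as one lowercase "keyword value" pair per line, which a script can parse and check without reconnecting to anything. The following is an added example, not ssh-audit's own code: it parses a constructed sshd -T sample, flags the dangerous feature switches the posts mention (X11 and agent forwarding, plus root and password login), flags SHA-1 and CBC algorithms and MACs running in encrypt-and-MAC mode, filters by a minimum severity, and returns a non-zero exit code when anything was found. The list of risky options and the weak-algorithm markers are the example's own simplified policy, not ssh-audit's.

```python
import subprocess
from typing import Dict, List, Tuple

# Constructed sample of what a permissive `sshd -T` prints (abridged; the real
# output has many more keywords).  `ssh -G host` uses the same `keyword value` layout.
SAMPLE_SSHD_T = """\
port 22
x11forwarding yes
allowagentforwarding yes
permitrootlogin yes
passwordauthentication yes
hostkey /etc/ssh/ssh_host_rsa_key
hostkey /etc/ssh/ssh_host_ed25519_key
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,diffie-hellman-group14-sha1
ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-cbc
macs umac-64-etm@openssh.com,hmac-sha2-256,hmac-sha1
"""

Finding = Tuple[str, str, str]          # (severity, keyword, message)
LEVELS = {"info": 0, "warn": 1, "fail": 2}

# Dangerous feature switches: keyword, value that triggers the finding, severity, message.
# This selection is the example's own policy, not ssh-audit's.
RISKY_OPTIONS = [
    ("permitrootlogin", "yes", "fail", "root may log in directly; use prohibit-password or no"),
    ("passwordauthentication", "yes", "warn", "password logins enabled; prefer public keys"),
    ("x11forwarding", "yes", "warn", "X11 forwarding gives the server access to the client display"),
    ("allowagentforwarding", "yes", "warn", "agent forwarding lets the server use the client's keys"),
]
ALGORITHM_KEYWORDS = ("kexalgorithms", "hostkeyalgorithms", "ciphers", "macs")
WEAK_MARKERS = ("sha1", "-cbc")          # SHA-1 based or CBC mode, simplified for the example


def parse_effective_config(text: str) -> Dict[str, List[str]]:
    """Parse `keyword value` lines; a keyword that repeats (hostkey, ...) collects every value."""
    config: Dict[str, List[str]] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, value = line.partition(" ")
        config.setdefault(keyword.lower(), []).append(value.strip())
    return config


def audit(config: Dict[str, List[str]]) -> List[Finding]:
    """Check feature switches and every algorithm list in the effective configuration."""
    findings: List[Finding] = []
    for keyword, bad_value, severity, message in RISKY_OPTIONS:
        if bad_value in (v.lower() for v in config.get(keyword, [])):
            findings.append((severity, keyword, message))
    for keyword in ALGORITHM_KEYWORDS:
        for value in config.get(keyword, []):
            for alg in value.split(","):
                if any(marker in alg for marker in WEAK_MARKERS):
                    findings.append(("warn", keyword, alg + " -- weak algorithm, remove"))
                elif keyword == "macs" and not alg.endswith("-etm@openssh.com"):
                    # plain hmac-*/umac-* names run in encrypt-and-MAC mode;
                    # the -etm@openssh.com variants authenticate the ciphertext instead
                    findings.append(("warn", keyword, alg + " -- encrypt-and-MAC mode"))
    return findings


def filter_level(findings: List[Finding], level: str = "info") -> List[Finding]:
    """Keep findings at or above a minimum severity, e.g. 'warn' hides info-level ones."""
    return [f for f in findings if LEVELS[f[0]] >= LEVELS[level]]


def exit_code(findings: List[Finding]) -> int:
    """Non-zero when anything was flagged, so a script can gate on the result."""
    return 2 if findings else 0


def effective_config_text(command=("sshd", "-T")) -> str:
    """Run the real command locally (requires sshd or ssh installed); the sample run below does not use it."""
    return subprocess.run(list(command), capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    findings = audit(parse_effective_config(SAMPLE_SSHD_T))
    for severity, keyword, message in filter_level(findings, "warn"):
        print("[%s] %s: %s" % (severity, keyword, message))
    raise SystemExit(exit_code(findings))
```

To audit a live host instead of the sample, feed `effective_config_text(("sshd", "-T"))` or `effective_config_text(("ssh", "-G", "host"))` into `parse_effective_config`; the rest of the pipeline is the same for server and client output.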
SSH is used for SFTP.
https://en.wikipedia.org/wiki/ProFTPD
I found some non-standard SSH algorithms in use out in the wild that are not currently supported:
des-cbc-ssh1
blowfish-ctr
hmac-sha256
[email protected]
hmac-sha2-384
Hey,
I cannot figure out why you are marking 'ecdh-sha2-nistp256', 'ecdh-sha2-nistp384', 'ecdh-sha2-nistp521' as weak. I checked out some distros and even OpenBSD has them enabled by default. Care to explain your reasoning behind it?
Thanks.
Feature request: Add an option to configure the minimum output level. Then it would be possible to report e.g. only fails (--level=fail) or fails and warnings (--level=warn).
For an sshd configuration, it is valid to have the Banner option in /etc/ssh/sshd_config set to none.
However, ssh-audit then always throws a [exception] did not receive banner.
It would be nice if ssh-audit could optionally skip checking for a banner.
Okay, I see from "example" that it's just ./ssh-audit.py but some sort of "clone repo, run ./ssh-audit.py" would be more explicitly clear about how to get to that point
According to the release notes for OpenSSH 8.0 (https://www.openssh.com/releasenotes.html), a new quantum-resistant key exchange algorithm was implemented:
* ssh(1), sshd(8): Add experimental quantum-computing resistant
key exchange method, based on a combination of Streamlined NTRU
Prime 4591^761 and X25519.
(address changed to protect the innocent)
./ssh-audit.py -6 2000:100:100:1::3
[exception] [Errno -9] Address family for hostname not supported
./ssh-audit.py -6 [2000:100:100:1::3]
[exception] [Errno -2] Name or service not known
./ssh-audit.py -6 "[2000:100:100:1::3]"
[exception] [Errno -2] Name or service not known
However, using a name (whether dns or /etc/hosts) works correctly.
What about publishing to pypi to make it installable via pip?
Thanks for your work.
But after this audit, what are your guidelines for sshd_config?
I've seen this one: https://wiki.mozilla.org/Security/Guidelines/OpenSSH#Modern_.28OpenSSH_6.7.2B.29 but your audit still shows some warnings.
Azlux
Very neat tool, thanks for making it!
I think it would be neat to have a flag which would output 'good' sshd_config config line. Something that crossed my mind while I was testing my ssh servers.
Thanks,
G
When using Python3, the following line raises an AttributeError:
payload = str(payload).decode('utf-8')
For example:
$ ./ssh-audit.py -1 github.com
Traceback (most recent call last):
File "./ssh-audit.py", line 1685, in <module>
audit(conf)
File "./ssh-audit.py", line 1654, in audit
payload = str(payload).decode('utf-8')
AttributeError: 'str' object has no attribute 'decode'
I am using release 1.6.0 (76509a1).
I am not sure if it is the only place where there is a problem with Python3 compatibility, might be worth a full check.
It exists for TLS, not sure if it exists for SSH?
Hello
I scanned my Debian 8 with OpenSSH version: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
I get the recommendation:
(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
(rec) -ssh-dss -- key algorithm to remove
But how do I remove this algorithm?
I can't use:
HostKeyAlgorithms ssh-rsa,rsa-sha2-512,rsa-sha2-256
because HostKeyAlgorithms is only supported in OpenSSH 7.0+
Best Regards
TaKeN
We tested some of our OpenSSH servers with ssh-audit and noticed a couple of "using encrypt-and-MAC mode" warnings. I am a cryptography expert and I do not understand why there is a warning? I do not know of any security weaknesses in encrypt-and-mac. E.g. "hmac-sha2-256" is a perfectly safe algorithm. Why is there a warning? One should never use mac-then-encrypt, but this is not the case here? Can you explain about that?
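To make the distinction behind that warning concrete, here is an added example (not ssh-audit's code) contrasting the two MAC modes ssh-audit tells apart. A plain name such as hmac-sha2-256 runs in encrypt-and-MAC mode: per RFC 4253 the MAC is computed over the sequence number and the unencrypted packet, and the packet length travels encrypted. The -etm@openssh.com variants compute the MAC over the sequence number, the cleartext packet length and the ciphertext. The point the example makes visible is the receiver's processing order: in encrypt-and-MAC it must decrypt (at least the length) before it can check integrity, whereas in encrypt-then-MAC a tampered packet is rejected before any decryption happens. The stream cipher is a constructed SHA-256 keystream stand-in so the example runs with the standard library, and the keys and payload are made up.

```python
import hashlib
import hmac
import struct
from typing import List, Tuple

MAC_LEN = 32  # hmac-sha2-256 output size


def toy_keystream(key: bytes, seq: int, length: int) -> bytes:
    """Constructed stand-in for the real cipher: SHA-256 in counter mode."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + struct.pack(">II", seq, block)).digest()
        block += 1
    return out[:length]


def toy_xor(key: bytes, seq: int, data: bytes) -> bytes:
    """Encrypt or decrypt `data` taken from the start of packet number `seq`."""
    return bytes(a ^ b for a, b in zip(data, toy_keystream(key, seq, len(data))))


def mac(mac_key: bytes, seq: int, data: bytes) -> bytes:
    """HMAC-SHA2-256 over the 32-bit sequence number followed by `data`."""
    return hmac.new(mac_key, struct.pack(">I", seq) + data, "sha256").digest()


# --- encrypt-and-MAC (hmac-sha2-256): MAC over seq || plaintext packet ---
def eam_send(enc_key: bytes, mac_key: bytes, seq: int, payload: bytes) -> bytes:
    packet = struct.pack(">I", len(payload)) + payload   # the length is encrypted too
    return toy_xor(enc_key, seq, packet) + mac(mac_key, seq, packet)


def eam_receive(enc_key: bytes, mac_key: bytes, seq: int, wire: bytes, trace: List[str]) -> bytes:
    trace.append("decrypt length")        # must decrypt to learn where the MAC starts
    length = struct.unpack(">I", toy_xor(enc_key, seq, wire[:4]))[0]
    trace.append("decrypt payload")
    packet = toy_xor(enc_key, seq, wire[:4 + length])
    trace.append("verify MAC")            # integrity is checked only after decryption
    if not hmac.compare_digest(wire[4 + length:4 + length + MAC_LEN], mac(mac_key, seq, packet)):
        raise ValueError("bad MAC")
    return packet[4:]


# --- encrypt-then-MAC (hmac-sha2-256-etm@openssh.com): MAC over seq || length || ciphertext ---
def etm_send(enc_key: bytes, mac_key: bytes, seq: int, payload: bytes) -> bytes:
    length = struct.pack(">I", len(payload))             # sent in the clear
    ct = toy_xor(enc_key, seq, payload)
    return length + ct + mac(mac_key, seq, length + ct)


def etm_receive(enc_key: bytes, mac_key: bytes, seq: int, wire: bytes, trace: List[str]) -> bytes:
    length = struct.unpack(">I", wire[:4])[0]
    ct = wire[4:4 + length]
    trace.append("verify MAC")            # nothing is decrypted unless this passes
    if not hmac.compare_digest(wire[4 + length:4 + length + MAC_LEN], mac(mac_key, seq, wire[:4] + ct)):
        raise ValueError("bad MAC")
    trace.append("decrypt payload")
    return toy_xor(enc_key, seq, ct)


def demo(mode: str, tamper: bool = False) -> Tuple[List[str], bytes]:
    """Send one packet in 'eam' or 'etm' mode, optionally flip a ciphertext bit, and
    return the receiver's processing order plus the recovered payload (b"" if rejected)."""
    enc_key, mac_key, seq = b"k" * 32, b"m" * 32, 7         # constructed keys
    payload = b"constructed SSH_MSG_CHANNEL_DATA"
    send, recv = (eam_send, eam_receive) if mode == "eam" else (etm_send, etm_receive)
    wire = bytearray(send(enc_key, mac_key, seq, payload))
    if tamper:
        wire[8] ^= 0x01                   # inside the ciphertext in both layouts
    trace: List[str] = []
    try:
        return trace, recv(enc_key, mac_key, seq, bytes(wire), trace)
    except ValueError:
        trace.append("rejected")
        return trace, b""


if __name__ == "__main__":
    for mode in ("eam", "etm"):
        for tamper in (False, True):
            print(mode, "tampered" if tamper else "intact", "->", demo(mode, tamper)[0])
```

Neither mode breaks HMAC-SHA2-256 itself; the warning is about the construction around it, which is why OpenSSH offers the -etm variants of the same MACs.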
SSHFP DNS records are a useful feature which enables one to save SSH fingerprints in DNS, so that you don't have to check them manually. It would be useful if ssh-audit could check for existence of such records, compare them with actual fingerprints if they match and put recommendations to disable DSA and ECDSA records (if they exist) and enable RSA and ED25519 (if they don't exist).
It should also recommend to disable SHA1 type records, if enabled and enable SHA256, if disabled.
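What such a check would compute and compare, as an added example that is not ssh-audit's code: SSHFP records carry an algorithm number (1 RSA, 2 DSA, 3 ECDSA, 4 Ed25519), a fingerprint type (1 SHA-1, 2 SHA-256) and the hex hash of the raw public key blob, i.e. the base64 part of a public key line decoded. The code below derives the records a server's key would produce, checks whether any published record matches the presented key, and applies the recommendations in the request above (drop DSA and ECDSA records, add RSA and Ed25519, drop SHA-1 types, add SHA-256). The Ed25519 key is constructed from random-looking bytes rather than a real key, and the DNS lookup itself is left out since it needs a resolver library.

```python
import base64
import hashlib
import struct
from typing import List, Tuple

# SSHFP algorithm and fingerprint-type numbers (RFC 4255, RFC 6594, RFC 7479).
KEY_ALG = {
    "ssh-rsa": 1, "ssh-dss": 2,
    "ecdsa-sha2-nistp256": 3, "ecdsa-sha2-nistp384": 3, "ecdsa-sha2-nistp521": 3,
    "ssh-ed25519": 4,
}
FP_TYPE = {"sha1": 1, "sha256": 2}

Record = Tuple[int, int, str]   # (algorithm, fp-type, hex fingerprint), the DNS presentation fields


def ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 32-bit big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def constructed_ed25519_pubkey() -> str:
    """An authorized_keys-style line for a CONSTRUCTED key (not a real key pair)."""
    fake_key = hashlib.sha256(b"example key material, not a real key").digest()   # 32 bytes
    blob = ssh_string(b"ssh-ed25519") + ssh_string(fake_key)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " example@host"


def sshfp_records(pubkey_line: str, fptypes=("sha256",)) -> List[Record]:
    """Records a given public key line would produce; the fingerprint hashes the decoded blob."""
    keytype, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64)
    name_len = struct.unpack(">I", blob[:4])[0]
    if blob[4:4 + name_len] != keytype.encode():
        raise ValueError("key type field does not match blob")
    return [(KEY_ALG[keytype], FP_TYPE[fp], hashlib.new(fp, blob).hexdigest()) for fp in fptypes]


def matches(records: List[Record], pubkey_line: str) -> bool:
    """True when at least one published record matches the key the server presents."""
    presented = set(sshfp_records(pubkey_line, ("sha1", "sha256")))
    return any(r in presented for r in records)


def check_sshfp(records: List[Record]) -> List[str]:
    """Recommendations from the policy in the request: prefer RSA/Ed25519 and SHA-256."""
    algs = {alg for alg, _, _ in records}
    types = {fptype for _, fptype, _ in records}
    advice = []
    if 2 in algs:
        advice.append("remove DSA (alg 2) SSHFP records")
    if 3 in algs:
        advice.append("remove ECDSA (alg 3) SSHFP records")
    if 1 not in algs:
        advice.append("add an RSA (alg 1) SSHFP record")
    if 4 not in algs:
        advice.append("add an Ed25519 (alg 4) SSHFP record")
    if 1 in types:
        advice.append("remove SHA-1 (type 1) SSHFP records")
    if 2 not in types:
        advice.append("add SHA-256 (type 2) SSHFP records")
    return advice


if __name__ == "__main__":
    line = constructed_ed25519_pubkey()
    records = sshfp_records(line)
    for alg, fptype, fingerprint in records:
        print("example.host. IN SSHFP %d %d %s" % (alg, fptype, fingerprint))
    print("matches presented key:", matches(records, line))
    print("advice:", check_sshfp(records))
```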
To audit localhost or local network terminals (e.g. 192.168.1.1)?
Warning: read the update section
related to #37
ssh-audit displays the wrong banner instead of displaying the real one or saying it doesn't know this one:
ssh-audit x.x.x.x -p 2222
# general
(gen) banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.6
(gen) software: OpenSSH 7.2p2
(gen) compatibility: OpenSSH 7.2+, Dropbear SSH 2013.62+
(gen) compression: enabled (zlib@openssh.com)
But when doing ssh -v or sftp -v (because it is a sftp server) I can see: debug1: Remote protocol version 2.0, remote software version mod_sftp/0.9.9.
To be sure I used nmap:
nmap -Pn -p 2222 x.x.x.x -sVC
Starting Nmap 7.70 ( https://nmap.org ) at 2018-12-28 11:06 CET
Nmap scan report for x.com (x.x.x.x)
Host is up (0.023s latency).
PORT STATE SERVICE VERSION
2222/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 62.67 seconds
So:
Update: Also a real SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.6 is running on port 22, so I suspect that ssh-audit is ignoring the option for port 2222.
Lines 155 to 185 in 22b671e
==> this is it: if I put ssh-audit -p 2222 x.x.x.x instead of ssh-audit x.x.x.x -p 2222 I have the good banner:
(gen) banner: SSH-2.0-mod_sftp/0.9.9
(gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.62+ (some functionality from 0.52)
(gen) compression: enabled (zlib@openssh.com, zlib)
So I suggest to support options in any order even after the host like nmap and many other tools are doing.
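The option-order problem in this report and the IPv6 literal failures reported earlier on the page ("[Errno -2] Name or service not known" for a bracketed address) are both command-line parsing issues, so one added example covers both. It is not ssh-audit's own parser: it uses argparse, which accepts options before or after the positional host, strips the RFC 3986 brackets from an IPv6 literal before the address reaches the resolver, and picks the socket family from the literal itself or from the -4/-6 flags. The rule that a :port suffix on the host overrides -p is the example's own choice, and the addresses in the usage run are the ones from the reports.

```python
import argparse
import ipaddress
import socket
from typing import List, Tuple


def build_parser() -> argparse.ArgumentParser:
    # argparse interleaves positionals and options, so `host -p 2222` and
    # `-p 2222 host` yield the same namespace.
    parser = argparse.ArgumentParser(prog="ssh-audit")
    parser.add_argument("host", help="name, IPv4 literal or [IPv6] literal, optionally with :port")
    parser.add_argument("-p", "--port", type=int, default=22, help="port (default 22)")
    parser.add_argument("-4", dest="ipv4", action="store_true", help="force IPv4")
    parser.add_argument("-6", dest="ipv6", action="store_true", help="force IPv6")
    return parser


def split_host_port(target: str, default_port: int) -> Tuple[str, int]:
    """(host, port) from `host`, `host:port`, `[v6]` or `[v6]:port`.

    The brackets are only delimiters; passing them through to getaddrinfo()
    makes the resolver treat "[2000:...]" as an unknown name."""
    if target.startswith("["):
        close = target.find("]")
        if close < 0:
            raise ValueError("unterminated IPv6 literal: " + target)
        host, rest = target[1:close], target[close + 1:]
        if not rest:
            return host, default_port
        if not rest.startswith(":") or not rest[1:].isdigit():
            raise ValueError("expected [addr]:port, got " + target)
        return host, int(rest[1:])
    if target.count(":") > 1:
        # bare IPv6 literal: every colon belongs to the address, so there is no port suffix
        return target, default_port
    host, sep, port = target.partition(":")
    if sep and not port.isdigit():
        raise ValueError("bad port in " + target)
    return host, (int(port) if sep else default_port)


def address_family(host: str, force_v4: bool = False, force_v6: bool = False) -> int:
    """A literal decides its own family; a name is left to the resolver (AF_UNSPEC)."""
    if force_v4 and force_v6:
        raise ValueError("-4 and -6 are mutually exclusive")
    if force_v4:
        return socket.AF_INET
    if force_v6:
        return socket.AF_INET6
    try:
        return socket.AF_INET6 if ipaddress.ip_address(host).version == 6 else socket.AF_INET
    except ValueError:
        return socket.AF_UNSPEC


def parse_target(argv: List[str]) -> Tuple[str, int, int]:
    """Command line -> (host, port, address family), independent of option order."""
    ns = build_parser().parse_args(argv)
    host, port = split_host_port(ns.host, ns.port)
    return host, port, address_family(host, ns.ipv4, ns.ipv6)


def resolve(host: str, port: int, family: int):
    """getaddrinfo() with the chosen family; AI_NUMERICHOST keeps literals away from DNS.
    This touches the system resolver, so the sample run below avoids it."""
    flags = 0
    try:
        ipaddress.ip_address(host)
        flags = socket.AI_NUMERICHOST
    except ValueError:
        pass
    return socket.getaddrinfo(host, port, family, socket.SOCK_STREAM, 0, flags)


if __name__ == "__main__":
    for argv in (["x.x.x.x", "-p", "2222"], ["-p", "2222", "x.x.x.x"],
                 ["-6", "2000:100:100:1::3"], ["[2000:100:100:1::3]:2222"]):
        print(argv, "->", parse_target(argv))
```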
RFC 8308 adds support for extension negotiation. Of the four extensions defined, it seems like one, server-sig-algs (in section 3.1), might be interesting to analyze from a security standpoint.
A useful feature to have would be enumerating and grabbing the hostkeys/fingerprints from the remote SSH server and storing them as part of the output.
Something similar to what I did here, maybe? https://github.com/0x27/ssh_keyscanner
Since ssh-audit can be used in a script, it would be nice if ssh-audit would exit with exit code of 2 if there are 1 or more recommendations. I'd be fine with this requiring an optional command argument.