Feature: Host key fingerprint enumeration/gathering

arthepsy / ssh-audit

SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

MIT License

2.96k stars 268 forks source link

Feature: Host key fingerprint enumeration/gathering #19

Open 0x27 opened 8 years ago

0x27 commented 8 years ago

A useful feature to have would be enumerating and grabbing the hostkeys/fingerprints from the remote SSH server and storing them as part of the output.

Something similar to what I did here, maybe? https://github.com/0x27/ssh_keyscanner

arthepsy commented 8 years ago

I completely agree and this is already planned. Currently, it's implemented for SSH1 (see screenshot in #12), but it's missing some details for SSH2, because it requires successful key-exchange.

jtesta commented 5 years ago

@0x27 This feature has been implemented in my v2.0.0 release: https://github.com/jtesta/ssh-audit/releases/tag/v2.0.0