jtesta / ssh-audit

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
MIT License

WARNING: unknown algorithm(s) found! #270

Closed leolanzi closed 4 months ago

leolanzi commented 6 months ago

ssh-audit (2.5.0-1) on Debian 12

Following output suggestions "create a Github issue at https://github.com/jtesta/ssh-audit/issues":

"!!! WARNING: unknown algorithm(s) found!: kex-strict-s-v00@openssh.com"

on kali-rolling, deb package: openssh-server 1:9.6p1-4 amd64 default ssh_config, and custom rules based on ssh-audit output, for removing algorithms:

KexAlgorithms -ecdh-sha2-nistp256 -ecdh-sha2-nistp384 -ecdh-sha2-nistp521 -ecdsa-sha2-nistp256 -hmac-sha1 -hmac-sha1-etm@openssh.com -hmac-sha2-256 -hmac-sha2-512 -sntrup761x25519-sha512@openssh.com -umac-128@openssh.com -umac-64-etm@openssh.com -umac-64@openssh.com

tnx!

lucc commented 6 months ago

The same algorithm is present in OpenSSH_7.9p1 Debian-10+deb10u4.

I also only remove some algorithms from the config file:

KexAlgorithms -*sha1*,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256

jtesta commented 4 months ago

Thanks for reporting this issue. The missing algorithm was added in ssh-audit v3.1.0. If your platform's package manager doesn't offer an upgrade, then perhaps you can consider one of the pre-built packages I've made: https://github.com/jtesta/ssh-audit?tab=readme-ov-file#pre-built-packages