jtesta
commented
2 months ago many thanks for this great project!
Thanks! A lot of the initial formation of this project was done by @arthepsy; I handled all new features and planning since 2019.
It would be nice to include some info about the supported auth methods of an SSH server.
I agree, though unfortunately that information is buried too far into the SSH handshake for us to obtain. Adding the code to extract it would be very complex, and quite frankly, not worth the effort to write and maintain over time.
I always have to overwrite the stdout, which is a bit weird.
Could you elaborate more on this weirdness? The way I imagine it, using subprocess.run(..., stdout=subprocess.PIPE) would let the calling program read stdout easily; it could then write the output to a file as needed.
l4rm4nd
Hi @jtesta ,
many thanks for this great project!
SSH Auth Methods
It would be nice to include some info about the supported auth methods of an SSH server. For example
password,public keyand/orkeyboard-interactive. Regarding hardening, only pubkey auth should be offered as the other ones allow brute-forcing attacks and password guessing (if no measures are implemented such as fail2ban etc.).I personally would flag all as info but you may define password and keyboard-interactive as warning.
Output Directory
I am currently relying on the JSON output. However, there seems no possibility to define the output directory or output file at all via CLI params. The only way is to pipe the Python's script output into an outfile. This works fine but gets problematic when ssh-audit is called from another script via subprocess. I always have to overwrite the
stdout, which is a bit weird.Would be nice if you add an argparse argument to define the output dir.
You can limit this to the
-jand-jjoutput formats if you want.