Joe Testa
@akhepcat This should be fixed in my v2.0.0 release: https://github.com/jtesta/ssh-audit/releases/tag/v2.0.0
Fixed in the v2.9.0 release. Thanks @Ricky-Tigg for reporting this!
3072-bit Diffie-Hellman/RSA is equivalent to 128 bits of symmetric security. We're already flagging anything with that level (and above) as good, such as AES-128. It's inconsistent to treat 128-bit security...
Implemented in PR #242 and https://github.com/jtesta/ssh-audit/commit/9fae870260ee0067fd09840bc696b9459c4dba52.
@PeterDaveHello : thanks for submitting! However, a similar PR was submitted 4 days ago, and was just merged (see #215). I notice that your suggestion includes doing an `apt upgrade`...
@PeterDaveHello : Looks like this PR conflicts with the `master` branch at this point. I'd be happy to merge in the addition of `apt-get upgrade` into the updating step, if...
Thanks for contributing!
Thanks for reporting this. The intent of the OpenSSH policies was to track the best configuration that the official release offered. At the same time, I made Ubuntu-specific policies...
@mejofi : I updated the output of the `-L` arg to include the following note: "the general OpenSSH policies apply to the official releases only. OS distributions may back-port changes...
@BareqAZ: I actually did an in-depth research project on this topic a few years back. I really should publish it in a more legible format (currently you can find some...