Joe Testa

This repo is apparently no longer maintained (see https://github.com/arthepsy/ssh-audit/issues/42). I resumed development on a separate fork here, with many improvements: https://github.com/jtesta/ssh-audit You'll find that many (but perhaps not all) of...

@jauderho @vgrebenschikov I forked this project and continued development. This feature is implemented in v2.0.0: https://github.com/jtesta/ssh-audit/releases/tag/v2.0.0

Thanks for putting in the time for this PR! Seems like you did a lot of work. I do think, however, that this could have been solved in a much...

I'm curious, though, about this system of weighted algorithms: could you describe more what the ultimate goal of them is? Is it to only suggest algorithms stronger than what the...

@FlyingPhish : I provided feedback on some of your proposed changes. Looks good otherwise.

@FlyingPhish: if you're able to make the minor changes I requested in the review, and resolve the merge conflict, I can go ahead and merge this. Thanks!

This was already on my private to-do list, which will be handled within the next few days. I'm still doing final tests on my end, but it seems so far...

The only two methods I know to reduce the rate of incoming connections in order to avoid the DoS condition is to use `PerSourceMaxStartups 1` (which will interfere with ssh-audit...

I've revised the connection rate warning just now to: ``` (nfo) Potentially insufficient connection throttling detected, resulting in possible vulnerability to the DHEat DoS attack (CVE-2002-20001). 38 connections were created...

The guides have been updated for Ubuntu Server 22.04 and Amazon Linux 2023. The rest will roll out over the next few days.