Joe Testa
Joe Testa
Now with the hardening guides updated, I think the original question has been answered.
That result makes sense. The `PerSourceMaxStartups 1` setting is interfering with ssh-audit's tests. On my test machine, updating it to 2 fixes the issue. This change might make you vulnerable...
> Vulnerability to low bit number doesn't disappear just because we're also testing for something else. When `PerSourceMaxStartups` is set to 1, only one client can connect to OpenSSH at...
I can't reproduce that result. I scanned a clean Ubuntu 22.04 image with the ssh-audit v3.2.0 stable release. Then I applied the `iptables` & `ip6tables` commands I described in https://github.com/jtesta/ssh-audit/issues/263#issuecomment-2069810785...
@perkelix : is this issue still valid? If so, I'm definitely confused. Thought I'd check before closing it.
Closing this, since I cannot reproduce the issue.
Is this the same as #202 ?
I think this comes down to personal preference. My own preference is to leave it as-is, but perhaps we can let the community vote on this. If anyone would like...
Can you please post the full output of ssh-audit run with the -d argument?
> # host-key algorithms > (key) ssh-ed25519 -- [info] available since > OpenSSH 6.5 Looks like ssh-ed25519 is the only host key being returned by your server. It may be...