Joe Testa
Joe Testa
The "algorithm recommendations" section gives optional algs to add in order to maximize compatibility (aside from algs to remove because they have security concerns). Admittedly, the text should be refined...
I think mentioning that `ext-info-s` is not a real key exchange algorithm is important. I don't know of a way to use less characters to convey the same level of...
> Bttw, according to this, support for ext-info-c was also added. Do we test for this? Yes.
I think this comes down to personal preference. My own preference is to leave it as-is, but perhaps we can let the community vote on this. If anyone would like...
I think this comes down to personal preference. My own preference is to leave it as-is, but perhaps we can let the community vote on this. If anyone would like...
Apologies for the very late response. I just pushed an update that may fix this issue for you. If you're able to, please try again and let me know if...
Hi! Thanks for reaching out. This project is licensed under GPLv3, so if your project has the same license, then you're free to copy any parts of it. Is your...
I believe this was fixed in https://github.com/jtesta/ssh-audit/commit/dcbc43acdf6f47c644ab8e1cfc664863f3e86c94. But if this doesn't solve the problem for you, please re-open this issue. Thanks for reporting!
> The server is hardened to CIS Level 2 standard. I'd say this is the prime suspect for causing this issue. I just tried `ssh-audit --version` on Ubuntu 22.04 (without...
Since I cannot reproduce this on a non-CIS hardened server, and because the `snapcraft.yaml` file doesn't have anything that would suggest a problem with our packaging, I'm forced to conclude...