test/docker/expected_results/openssh_5.6p1_test2.txt


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

[0;36m# general[0m
[0;32m(gen) banner: SSH-2.0-OpenSSH_5.6[0m
[0;32m(gen) software: OpenSSH 5.6[0m
[0;32m(gen) compatibility: OpenSSH 5.6-6.6, Dropbear SSH 0.53+ (some functionality from 0.52)[0m
[0;32m(gen) compression: enabled (zlib@openssh.com)[0m

[0;36m# security[0m
[0;33m(cve) CVE-2018-15473                        -- (CVSSv2: 5.3) enumerate usernames due to timing discrepencies[0m
[0;33m(cve) CVE-2016-3115                         -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data[0m
[0;33m(cve) CVE-2016-1907                         -- (CVSSv2: 5.0) cause DoS via crafted network traffic (out of bounds read)[0m
[0;33m(cve) CVE-2015-6564                         -- (CVSSv2: 6.9) privilege escalation via leveraging sshd uid[0m
[0;33m(cve) CVE-2015-6563                         -- (CVSSv2: 1.9) conduct impersonation attack[0m
[0;33m(cve) CVE-2014-2532                         -- (CVSSv2: 5.8) bypass environment restrictions via specific string before wildcard[0m
[0;33m(cve) CVE-2014-1692                         -- (CVSSv2: 7.5) cause DoS via triggering error condition (memory corruption)[0m
[0;33m(cve) CVE-2012-0814                         -- (CVSSv2: 3.5) leak data via debug messages[0m
[0;33m(cve) CVE-2011-5000                         -- (CVSSv2: 3.5) cause DoS via large value in certain length field (memory consumption)[0m
[0;33m(cve) CVE-2010-5107                         -- (CVSSv2: 5.0) cause DoS via large number of connections (slot exhaustion)[0m
[0;33m(cve) CVE-2010-4755                         -- (CVSSv2: 4.0) cause DoS via crafted glob expression (CPU and memory consumption)[0m
[0;33m(cve) CVE-2010-4478                         -- (CVSSv2: 7.5) bypass authentication check via crafted values[0m

[0;36m# key exchange algorithms[0m
[0;31m(kex) diffie-hellman-group-exchange-sha256 (1024-bit) -- [fail] using small 1024-bit modulus[0m
                                                      `- [info] available since OpenSSH 4.4
[0;31m(kex) diffie-hellman-group-exchange-sha1 (1024-bit) -- [fail] using small 1024-bit modulus[0m
[0;33m                                                    `- [warn] using weak hashing algorithm[0m
                                                    `- [info] available since OpenSSH 2.3.0
[0;33m(kex) diffie-hellman-group14-sha1           -- [warn] using weak hashing algorithm[0m
                                            `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
[0;31m(kex) diffie-hellman-group1-sha1            -- [fail] using small 1024-bit modulus[0m
[0;31m                                            `- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;31m                                            `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack[0m
[0;33m                                            `- [warn] using weak hashing algorithm[0m
                                            `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28

[0;36m# host-key algorithms[0m
[0;31m(key) ssh-rsa (1024-bit)                    -- [fail] using weak hashing algorithm[0m
[0;31m                                            `- [fail] using small 1024-bit modulus[0m
                                            `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
                                            `- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
[0;31m(key) ssh-rsa-cert-v01@openssh.com (1024-bit cert/1024-bit CA) -- [fail] using weak hashing algorithm[0m
[0;31m                                                               `- [fail] using small 1024-bit modulus[0m
                                                               `- [info] available since OpenSSH 5.6
                                                               `- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2

[0;36m# encryption algorithms (ciphers)[0m
[0;32m(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
[0;32m(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7[0m
[0;32m(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
[0;31m(enc) arcfour256                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using weak cipher[0m
                                            `- [info] available since OpenSSH 4.2
[0;31m(enc) arcfour128                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using weak cipher[0m
                                            `- [info] available since OpenSSH 4.2
[0;31m(enc) aes128-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] using weak cipher mode[0m
                                            `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
[0;31m(enc) 3des-cbc                              -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.4, unsafe algorithm[0m
[0;33m                                            `- [warn] using weak cipher[0m
[0;33m                                            `- [warn] using weak cipher mode[0m
[0;33m                                            `- [warn] using small 64-bit block size[0m
                                            `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
[0;31m(enc) blowfish-cbc                          -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;31m                                            `- [fail] disabled since Dropbear SSH 0.53[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using weak cipher mode[0m
[0;33m                                            `- [warn] using small 64-bit block size[0m
                                            `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
[0;31m(enc) cast128-cbc                           -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using weak cipher mode[0m
[0;33m                                            `- [warn] using small 64-bit block size[0m
                                            `- [info] available since OpenSSH 2.1.0
[0;31m(enc) aes192-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] using weak cipher mode[0m
                                            `- [info] available since OpenSSH 2.3.0
[0;31m(enc) aes256-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] using weak cipher mode[0m
                                            `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
[0;31m(enc) arcfour                               -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using weak cipher[0m
                                            `- [info] available since OpenSSH 2.1.0
[0;31m(enc) rijndael-cbc@lysator.liu.se           -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using weak cipher mode[0m
                                            `- [info] available since OpenSSH 2.3.0

[0;36m# message authentication code algorithms[0m
[0;31m(mac) hmac-md5                              -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using encrypt-and-MAC mode[0m
[0;33m                                            `- [warn] using weak hashing algorithm[0m
                                            `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
[0;33m(mac) hmac-sha1                             -- [warn] using encrypt-and-MAC mode[0m
[0;33m                                            `- [warn] using weak hashing algorithm[0m
                                            `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
[0;33m(mac) umac-64@openssh.com                   -- [warn] using encrypt-and-MAC mode[0m
[0;33m                                            `- [warn] using small 64-bit tag size[0m
                                            `- [info] available since OpenSSH 4.7
[0;31m(mac) hmac-ripemd160                        -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using encrypt-and-MAC mode[0m
                                            `- [info] available since OpenSSH 2.5.0
[0;31m(mac) hmac-ripemd160@openssh.com            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using encrypt-and-MAC mode[0m
                                            `- [info] available since OpenSSH 2.1.0
[0;31m(mac) hmac-sha1-96                          -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using encrypt-and-MAC mode[0m
[0;33m                                            `- [warn] using weak hashing algorithm[0m
                                            `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
[0;31m(mac) hmac-md5-96                           -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm[0m
[0;33m                                            `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm[0m
[0;33m                                            `- [warn] using encrypt-and-MAC mode[0m
[0;33m                                            `- [warn] using weak hashing algorithm[0m
                                            `- [info] available since OpenSSH 2.5.0

[0;36m# fingerprints[0m
[0;32m(fin) ssh-rsa: SHA256:YZ457EBcJTSxRKI3yXRgtAj3PBf5B9/F36b1SVooml4[0m

[0;36m# algorithm recommendations (for OpenSSH 5.6)[0m
[0;31m(rec) !diffie-hellman-group-exchange-sha256 -- kex algorithm to change (increase modulus size to 2048 bits or larger) [0m
[0;31m(rec) -3des-cbc                             -- enc algorithm to remove [0m
[0;31m(rec) -aes128-cbc                           -- enc algorithm to remove [0m
[0;31m(rec) -aes192-cbc                           -- enc algorithm to remove [0m
[0;31m(rec) -aes256-cbc                           -- enc algorithm to remove [0m
[0;31m(rec) -arcfour                              -- enc algorithm to remove [0m
[0;31m(rec) -arcfour128                           -- enc algorithm to remove [0m
[0;31m(rec) -arcfour256                           -- enc algorithm to remove [0m
[0;31m(rec) -blowfish-cbc                         -- enc algorithm to remove [0m
[0;31m(rec) -cast128-cbc                          -- enc algorithm to remove [0m
[0;31m(rec) -diffie-hellman-group-exchange-sha1   -- kex algorithm to remove [0m
[0;31m(rec) -diffie-hellman-group1-sha1           -- kex algorithm to remove [0m
[0;31m(rec) -hmac-md5                             -- mac algorithm to remove [0m
[0;31m(rec) -hmac-md5-96                          -- mac algorithm to remove [0m
[0;31m(rec) -hmac-ripemd160                       -- mac algorithm to remove [0m
[0;31m(rec) -hmac-ripemd160@openssh.com           -- mac algorithm to remove [0m
[0;31m(rec) -hmac-sha1-96                         -- mac algorithm to remove [0m
[0;31m(rec) -rijndael-cbc@lysator.liu.se          -- enc algorithm to remove [0m
[0;31m(rec) -ssh-rsa                              -- key algorithm to remove [0m
[0;31m(rec) -ssh-rsa-cert-v01@openssh.com         -- key algorithm to remove [0m
[0;33m(rec) -diffie-hellman-group14-sha1          -- kex algorithm to remove [0m
[0;33m(rec) -hmac-sha1                            -- mac algorithm to remove [0m
[0;33m(rec) -umac-64@openssh.com                  -- mac algorithm to remove [0m

[0;36m# additional info[0m
[0;33m(nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>[0m