ssh_scan: prototype SSH configuration and policy scanner

ssh_scan

A SSH configuration and policy scanner

Key Benefits

  • Minimal Dependancies – Uses native Ruby and BinData to do its work, no heavy dependancies.
  • Not Just a Script – Implementation is portable for use in another project or for automation of tasks.
  • Simple – Just point ssh_scan at an SSH service and get a JSON report of what it supports and its policy status.
  • Configurable – Make your own custom policies that fit your unique policy requirements.

Installation

To install and run as a gem, type:


gem install ssh_scan
ssh_scan
To run from a docker container, type:

docker pull mozilla/ssh_scan
docker run -it mozilla/ssh_scan /app/bin/ssh_scan -t github.com
To install and run from source, type:

# clone repo
git clone https://github.com/mozilla/ssh_scan.git
cd ssh_scan
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
curl -sSL https://get.rvm.io | bash -s stable
rvm install 2.3.1
rvm use 2.3.1
gem install bundler
bundle install
./bin/ssh_scan

Demo

https://asciinema.org/a/7pliiw5zqhj7eqvz7q437u6vx

Source: Github