ssh_scan - Verifies Your SSH Server Configuration and Policy in Linux


ssh_scan is an easy-to-use prototype SSH configuration and policy scanner for Linux and UNIX servers. It is inspired by the Mozilla OpenSSH Security Guide, which provides a reasonable baseline policy recommendation for SSH configuration parameters such as Ciphers, MACs and KexAlgos, among many others.

It has the following benefits:

  • It has minimal dependencies: ssh_scan only uses native Ruby and BinData to do its work, with no heavy dependencies.
  • It is portable: you can use ssh_scan in another project or for automating tasks.
  • It is easy to use: simply point it at an SSH service and get a JSON report of what the service supports and its policy status.
  • It is also configurable: you can create your own custom policies that fit your requirements.

How to Install ssh_scan on Linux

There are three ways you can install ssh_scan:

To install and run it as a gem, type:

----------- On Debian/Ubuntu ----------- 
$ sudo apt-get install ruby
$ sudo gem install ssh_scan

----------- On CentOS/RHEL ----------- 
# yum install ruby rubygems
# gem install ssh_scan

To run it from a docker container, type:

# docker pull mozilla/ssh_scan
# docker run -it mozilla/ssh_scan /app/bin/ssh_scan -t github.com

To install and run it from source, type:

# git clone https://github.com/mozilla/ssh_scan.git
# cd ssh_scan
# gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
# curl -sSL https://get.rvm.io | bash -s stable
# rvm install 2.3.1
# rvm use 2.3.1
# gem install bundler
# bundle install
# ./bin/ssh_scan

How to Use ssh_scan in Linux

The syntax for using ssh_scan is as follows:

$ ssh_scan -t ip-address
$ ssh_scan -t server-hostname

For example, to scan the SSH configuration and policy of the server 192.168.43.198, enter:

$ ssh_scan -t 192.168.43.198

Note that you can also pass an [IP/Range/Hostname] to the -t option, as shown in the examples below:

$ ssh_scan -t 192.168.43.198,200,205
$ ssh_scan -t test.tecmint.lan
I, [2017-05-09T10:36:17.913644 #7145]  INFO -- : You're using the latest version of ssh_scan 0.0.19
[
  {
    "ssh_scan_version": "0.0.19",
    "ip": "192.168.43.198",
    "port": 22,
    "server_banner": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1",
    "ssh_version": 2.0,
    "os": "ubuntu",
    "os_cpe": "o:canonical:ubuntu:16.04",
    "ssh_lib": "openssh",
    "ssh_lib_cpe": "a:openssh:openssh:7.2p2",
    "cookie": "68b17bcca652eeaf153ed18877770a38",
    "key_algorithms": [
      "[email ",
      "ecdh-sha2-nistp256",
      "ecdh-sha2-nistp384",
      "ecdh-sha2-nistp521",
      "diffie-hellman-group-exchange-sha256",
      "diffie-hellman-group14-sha1"
    ],
    "server_host_key_algorithms": [
      "ssh-rsa",
      "rsa-sha2-512",
      "rsa-sha2-256",
      "ecdsa-sha2-nistp256",
      "ssh-ed25519"
    ],
    "encryption_algorithms_client_to_server": [
      "[email ",
      "aes128-ctr",
      "aes192-ctr",
      "aes256-ctr",
      "[email ",
      "[email "
    ],
    "encryption_algorithms_server_to_client": [
      "[email ",
      "aes128-ctr",
      "aes192-ctr",
      "aes256-ctr",
      "[email ",
      "[email "
    ],
    "mac_algorithms_client_to_server": [
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "hmac-sha2-256",
      "hmac-sha2-512",
      "hmac-sha1"
    ],
    "mac_algorithms_server_to_client": [
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "[email ",
      "hmac-sha2-256",
      "hmac-sha2-512",
      "hmac-sha1"
    ],
    "compression_algorithms_client_to_server": [
      "none",
      "[email "
    ],
    "compression_algorithms_server_to_client": [
      "none",
      "[email "
    ],
    "languages_client_to_server": [

    ],
    "languages_server_to_client": [

    ],
    "hostname": "tecmint",
    "auth_methods": [
      "publickey",
      "password"
    ],
    "fingerprints": {
      "rsa": {
        "known_bad": "false",
        "md5": "0e:d0:d7:11:f0:9b:f8:33:9c:ab:26:77:e5:66:9e:f4",
        "sha1": "fc:8d:d5:a1:bf:52:48:a6:7e:f9:a6:2f:af:ca:e2:f0:3a:9a:b7:fa",
        "sha256": "ff:00:b4:a4:40:05:19:27:7c:33:aa:db:a6:96:32:88:8e:bf:05:a1:81:c0:a4:a8:16:01:01:0b:20:37:81:11"
      }
    },
    "start_time": "2017-05-09 10:36:17 +0300",
    "end_time": "2017-05-09 10:36:18 +0300",
    "scan_duration_seconds": 0.221573169,
    "duplicate_host_key_ips": [

    ],
    "compliance": {
      "policy": "Mozilla Modern",
      "compliant": false,
      "recommendations": [
        "Remove these Key Exchange Algos: diffie-hellman-group14-sha1",
        "Remove these MAC Algos: [email , [email , [email , hmac-sha1",
        "Remove these Authentication Methods: password"
      ],
      "references": [
        "https://wiki.mozilla.org/Security/Guidelines/OpenSSH"
      ]
    }
  }
]
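
An added example (not from the original article or the ssh_scan project): a Ruby script that post-processes a JSON report like the one above, for instance one saved with -o, and turns each host's compliance block into a status plus a structured list of recommended changes. The embedded report is constructed, and treating a host that has no compliance block as a failure is an assumption of this example.

```ruby
require 'json'

# Constructed sample in the shape of the ssh_scan report shown above,
# trimmed to the fields used here; the second and third hosts are invented.
SAMPLE_REPORT = <<~JSON
  [
    { "ip": "192.168.43.198", "port": 22,
      "compliance": { "policy": "Mozilla Modern", "compliant": false,
        "recommendations": [
          "Remove these Key Exchange Algos: diffie-hellman-group14-sha1",
          "Remove these MAC Algos: hmac-sha1, hmac-md5",
          "Remove these Authentication Methods: password" ] } },
    { "ip": "192.168.43.200", "port": 22,
      "compliance": { "policy": "Mozilla Modern", "compliant": true,
        "recommendations": [] } },
    { "ip": "192.168.43.205", "port": 22 }
  ]
JSON

# Split "Remove these MAC Algos: a, b" into verb, setting and values.
def parse_recommendation(text)
  m = text.match(/\A(\w+) these (.+?): (.+)\z/)
  return { action: 'other', setting: text, values: [] } unless m
  { action: m[1].downcase, setting: m[2], values: m[3].split(/,\s*/) }
end

# One entry per scanned host: status plus structured recommendations.
def triage(report_json)
  JSON.parse(report_json).map do |host|
    compliance = host['compliance']
    status = if compliance.nil? then 'not_assessed'
             elsif compliance['compliant'] == true then 'compliant'
             else 'non_compliant'
             end
    recs = compliance ? Array(compliance['recommendations']) : []
    { target: "#{host['ip']}:#{host['port']}", status: status,
      changes: recs.map { |r| parse_recommendation(r) } }
  end
end

# A host without a compliance verdict fails the gate rather than passing.
def gate_exit_code(results)
  results.all? { |r| r[:status] == 'compliant' } ? 0 : 1
end

results = triage(SAMPLE_REPORT)
results.each { |r| puts "#{r[:target]} #{r[:status]} #{r[:changes].inspect}" }
puts "gate exit code: #{gate_exit_code(results)}"
```
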

You can use -p to specify a different port, -L to enable the logger and -V to set the verbosity level, as shown below:

$ ssh_scan -t 192.168.43.198 -p 22222 -L ssh-scan.log -V INFO

In addition, you can use a custom policy file (the default is Mozilla Modern) with -P or --policy [FILE], like this:

$ ssh_scan -t 192.168.43.198 -L ssh-scan.log -V INFO -P /path/to/custom/policy/file

Type the following to view the ssh_scan usage options and more examples:

$ ssh_scan -h
ssh_scan v0.0.17 (https://github.com/mozilla/ssh_scan)

Usage: ssh_scan [options]
    -t, --target [IP/Range/Hostname] IP/Ranges/Hostname to scan
    -f, --file [FilePath]            File Path of the file containing IP/Range/Hostnames to scan
    -T, --timeout [seconds]          Timeout per connect after which ssh_scan gives up on the host
    -L, --logger [Log File Path]     Enable logger
    -O, --from_json [FilePath]       File to read JSON output from
    -o, --output [FilePath]          File to write JSON output to
    -p, --port [PORT]                Port (Default: 22)
    -P, --policy [FILE]              Custom policy file (Default: Mozilla Modern)
        --threads [NUMBER]           Number of worker threads (Default: 5)
        --fingerprint-db [FILE]      File location of fingerprint database (Default: ./fingerprints.db)
        --suppress-update-status     Do not check for updates
    -u, --unit-test [FILE]           Throw appropriate exit codes based on compliance status
    -V [STD_LOGGING_LEVEL],
        --verbosity
    -v, --version                    Display just version info
    -h, --help                       Show this message

Examples:

  ssh_scan -t 192.168.1.1
  ssh_scan -t server.example.com
  ssh_scan -t ::1
  ssh_scan -t ::1 -T 5
  ssh_scan -f hosts.txt
  ssh_scan -o output.json
  ssh_scan -O output.json -o rescan_output.json
  ssh_scan -t 192.168.1.1 -p 22222
  ssh_scan -t 192.168.1.1 -p 22222 -L output.log -V INFO
  ssh_scan -t 192.168.1.1 -P custom_policy.yml
  ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml

Check out some useful articles on SSH Server:

  1. SSH Passwordless Login Using SSH Keygen in 5 Easy Steps
  2. 5 Best Practices to Secure SSH Server
  3. Restrict SSH User Access to Certain Directory Using Chrooted Jail
  4. How to Configure Custom SSH Connections to Simplify Remote Access

For more details, visit the ssh_scan Github repository: https://github.com/mozilla/ssh_scan

In this article, we showed you how to set up and use ssh_scan in Linux. Do you know of any similar tools out there? Let us know via the feedback form below, along with any other thoughts about this guide.