{"id":13539654,"url":"https://github.com/mozilla/ssh_scan","last_synced_at":"2025-04-02T06:31:12.441Z","repository":{"id":40414692,"uuid":"50693175","full_name":"mozilla/ssh_scan","owner":"mozilla","description":"DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)","archived":true,"fork":false,"pushed_at":"2022-01-23T21:53:21.000Z","size":4205,"stargazers_count":793,"open_issues_count":2,"forks_count":105,"subscribers_count":44,"default_branch":"master","last_synced_at":"2024-10-30T00:45:23.265Z","etag":null,"topics":["abandoned","unmaintained"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mozilla.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-01-29T21:39:15.000Z","updated_at":"2024-10-22T21:15:11.000Z","dependencies_parsed_at":"2022-08-09T19:40:59.139Z","dependency_job_id":null,"html_url":"https://github.com/mozilla/ssh_scan","commit_stats":null,"previous_names":[],"tags_count":38,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Fssh_scan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Fssh_scan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Fssh_scan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mozilla%2Fssh_scan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mozilla","download_url":"https://codeload.github.com/mozilla/ssh_scan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246767837,"owners_count":20830565,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["abandoned","unmaintained"],"created_at":"2024-08-01T09:01:30.046Z","updated_at":"2025-04-02T06:31:08.968Z","avatar_url":"https://github.com/mozilla.png","language":"Ruby","readme":"# ssh_scan\n\n[![Gem Version](https://badge.fury.io/rb/ssh_scan.svg)](https://badge.fury.io/rb/ssh_scan)\n[![Coverage Status](https://coveralls.io/repos/github/mozilla/ssh_scan/badge.svg?branch=master)](https://coveralls.io/github/mozilla/ssh_scan?branch=master)\n\nA SSH configuration and policy scanner\n\n⚠️ Deprecation Notice ⚠️\n-------------------------\n\nMozilla is no longer maintaining the SSH Scan project.\n\nPlease fork it to continue development.\n\n## Key Benefits\n\n- **Minimal Dependencies** - Uses native Ruby and BinData to do its work, no heavy dependencies.\n- **Not Just a Script** - Implementation is portable for use in another project or for automation of tasks.\n- **Simple** - Just point `ssh_scan` at an SSH service and get a JSON report of what it supports and its policy status.\n- **Configurable** - Make your own custom policies that fit your unique policy requirements.\n\n## Setup\n\nTo install and run as a gem, type:\n\n```bash\ngem install ssh_scan\nssh_scan\n```\n\nTo run from a docker container, type:\n\n```bash\ndocker pull mozilla/ssh_scan\ndocker run -it mozilla/ssh_scan -t sshscan.rubidus.com\n```\n\nTo install and run from source, type:\n\n```bash\n# clone repo\ngit clone https://github.com/mozilla/ssh_scan.git\ncd ssh_scan\n\ngem install bundler\nbundle install\n\n./bin/ssh_scan\n```\n\n## Example Command-Line Usage\n\nRun `ssh_scan -h` to get this\n\n```bash\nssh_scan v0.0.21 (https://github.com/mozilla/ssh_scan)\n\nUsage: ssh_scan [options]\n    -t, --target [IP/Range/Hostname] IP/Ranges/Hostname to scan\n    -f, --file [FilePath]            File Path of the file containing IP/Range/Hostnames to scan\n    -T, --timeout [seconds]          Timeout per connect after which ssh_scan gives up on the host\n    -L, --logger [Log File Path]     Enable logger\n    -O, --from_json [FilePath]       File to read JSON output from\n    -o, --output [FilePath]          File to write JSON output to\n    -p, --port [PORT]                Port (Default: 22)\n    -P, --policy [FILE]              Custom policy file (Default: Mozilla Modern)\n        --threads [NUMBER]           Number of worker threads (Default: 5)\n        --fingerprint-db [FILE]      File location of fingerprint database (Default: ./fingerprints.db)\n        --suppress-update-status     Do not check for updates\n    -u, --unit-test [FILE]           Throw appropriate exit codes based on compliance status\n    -V [STD_LOGGING_LEVEL],\n        --verbosity\n    -v, --version                    Display just version info\n    -h, --help                       Show this message\n\nExamples:\n\n  ssh_scan -t 192.168.1.1\n  ssh_scan -t server.example.com\n  ssh_scan -t ::1\n  ssh_scan -t ::1 -T 5\n  ssh_scan -f hosts.txt\n  ssh_scan -o output.json\n  ssh_scan -O output.json -o rescan_output.json\n  ssh_scan -t 192.168.1.1 -p 22222\n  ssh_scan -t 192.168.1.1 -p 22222 -L output.log -V INFO\n  ssh_scan -t 192.168.1.1 -P custom_policy.yml\n  ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml\n```\n\n- See here for [example output](https://github.com/mozilla/ssh_scan/blob/master/examples/192.168.1.1.json)\n- See here for [example policies](https://github.com/mozilla/ssh_scan/blob/master/config/policies)\n\n## ssh_scan as a service/api?\n\nThis project is solely for ssh_scan engine/command-line usage.\n\nIf you would like to run ssh_scan as a service, please refer to [the ssh_scan_api project](https://github.com/mozilla/ssh_scan_api)\n\n## Rubies Supported\n\nThis project is integrated with [travis-ci](http://about.travis-ci.org/) and is regularly tested to work with multiple rubies.\n\nTo checkout the current build status for these rubies, click [here](https://travis-ci.org/#!/mozilla/ssh_scan).\n\n## Contributing\n\nIf you are interested in contributing to this project, please see [CONTRIBUTING.md](https://github.com/mozilla/ssh_scan/blob/master/CONTRIBUTING.md).\n\n## Credits\n\n**Sources of Inspiration for ssh_scan**\n\n- [**Mozilla OpenSSH Security Guide**](https://wiki.mozilla.org/Security/Guidelines/OpenSSH) - For providing a sane baseline policy recommendation for SSH configuration parameters (eg. Ciphers, MACs, and KexAlgos).\n","funding_links":[],"categories":["\u003ca id=\"8f92ead9997a4b68d06a9acf9b01ef63\"\u003e\u003c/a\u003e扫描器\u0026\u0026安全扫描\u0026\u0026App扫描\u0026\u0026漏洞扫描","Ruby","\u003ca id=\"132036452bfacf61471e3ea0b7bf7a55\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"de63a029bda6a7e429af272f291bb769\"\u003e\u003c/a\u003e未分类-Scanner"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmozilla%2Fssh_scan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmozilla%2Fssh_scan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmozilla%2Fssh_scan/lists"}