You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: README.md
+5-5
Original file line number
Diff line number
Diff line change
@@ -151,7 +151,7 @@ Below is a screen shot of the client-auditing output when an unhardened OpenSSH
151
151
Guides to harden server & client configuration can be found here: [https://www.ssh-audit.com/hardening_guides.html](https://www.ssh-audit.com/hardening_guides.html)
152
152
153
153
## Pre-Built Packages
154
-
Pre-built packages are available for Windows (see the releases page), PyPI, Snap, and Docker:
154
+
Pre-built packages are available for Windows (see the [Releases](https://github.com/jtesta/ssh-audit/releases) page), PyPI, Snap, and Docker:
155
155
156
156
To install from PyPI:
157
157
```
@@ -178,16 +178,16 @@ For convenience, a web front-end on top of the command-line tool is available at
178
178
179
179
## ChangeLog
180
180
181
-
### v3.1.0-dev (???)
181
+
### v3.1.0 (2023-12-20)
182
182
- Added test for the Terrapin message prefix truncation vulnerability ([CVE-2023-48795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795)).
183
183
- Dropped support for Python 3.7 (EOL was reached in June 2023).
184
-
- Added Python 3.12 to Tox tests.
185
-
- In server policies, reduced expected DH modulus sizes from 4096 to 3072 to match online hardening guides (note that 3072-bit moduli provide the equivalent of 128-bit symmetric security).
184
+
- Added Python 3.12 support.
185
+
- In server policies, reduced expected DH modulus sizes from 4096 to 3072 to match the [online hardening guides](https://ssh-audit.com/hardening_guides.html) (note that 3072-bit moduli provide the equivalent of 128-bit symmetric security).
186
186
- In Ubuntu 22.04 client policy, moved host key types `[email protected]` and `ssh-ed25519` to the end of all certificate types.
187
187
- Updated Ubuntu Server & Client policies for 20.04 and 22.04 to account for key exchange list changes due to Terrapin vulnerability patches.
188
188
- Re-organized option host key types for OpenSSH 9.2 server policy to correspond with updated Debian 12 hardening guide.
189
189
- Added built-in policies for OpenSSH 9.5 and 9.6.
190
-
- Added an "additional_notes" field to the JSON output.
190
+
- Added an `additional_notes` field to the JSON output.
191
191
192
192
### v3.0.0 (2023-09-07)
193
193
- Results from concurrent scans against multiple hosts are no longer improperly combined; bug discovered by [Adam Russell](https://github.com/thecliguy).
0 commit comments