Security

SSH Audit

System
ssh-audit is a tool for ssh server auditing. Features SSH1 and SSH2 protocol server support; grab banner, recognize device or software and operating system, detect compression; gather key-exchange, host-key, encryption and message authentication code algorithms; output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc); output algorithm recommendations (append or remove based on recognized software version); output security information (related issues, assigned CVE list, etc); analyze SSH version compatibility based on algorithm information;

Ed25519

Blog
like ssh and secure keys ? Generate Secure Key ssh-keygen -o -a 100 -t ed25519 -C "MyFamousComment" ssh-keygen -o -a 100 -t ed25519 -C "`whoami`@`hostname`@`date \"+%Y-%m-%d@%H:%M\"`" What is ed25519 Distribute Key ssh-copy-id user@remote-server-ip-or-dns-name Connect to Remote Connect to Remove without Agent Forwarding (use this unless you know what you’re dooing …) ssh -a ip-or-hostname Connect with Agent Forwarding or if you need Agent Forwarding ssh -A ip-or-hostname Confirm Agent Forwarding to confirm if agent forwarding is working, you can check your environment: