pool/ssh-audit
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity
Files
factory
ssh-audit/ssh-audit.spec

69 lines
2.3 KiB
RPMSpec
Raw Permalink Normal View History

- Update to version 3.3.0 * Added Python 3.13 support. * Added built-in policies for Ubuntu 24.04 LTS server & client, OpenSSH 9.8, and OpenSSH 9.9. * Added IPv6 support for DHEat and connection rate tests. * Added TCP port information to JSON policy scan results. * Added LANcom LCOS server recognition and Ed448 key extraction * Now reports ECDSA and DSS fingerprints when in verbose mode. * Removed CVE information based on server/client version numbers, as this was wildly inaccurate (see this thread for the full discussion, as well as the results of the community vote on this matter). * Fixed crash when running with -P and -T options simultaneously. * Fixed host key tests from only reporting a key type at most once despite multiple hosts supporting it. * Fixed invalid JSON output when a socket error occurs while performing a client audit. * When scanning multiple targets (using -T/--targets), the -p/--port option will now be used as the default port (set to 22 if -p/--port is not given). Hosts specified in the file can override this default with an explicit port number (i.e.: "host1:1234"). For example, when using -T targets.txt -p 222, all hosts in targets.txt that do not explicitly include a port number will default to 222; when using -T targets.txt (without -p), all hosts will use a default of 22. * Updated built-in server & client policies for Amazon Linux 2023, Debian 12, Rocky Linux 9, and Ubuntu 22.04 to improve host key efficiency and cipher resistance to quantum attacks. * Added 1 new cipher: grasshopper-ctr128. OBS-URL: https://build.opensuse.org/package/show/security/ssh-audit?expand=0&rev=19
2024-10-16 15:06:43 +00:00
#
# spec file for package ssh-audit
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: ssh-audit
Version: 3.3.0
Release: 0
Summary: SSH server auditing
License: MIT
Group: Productivity/Security
URL: https://github.com/jtesta/ssh-audit
Source: https://github.com/jtesta/ssh-audit/releases/download/v%{version}/%{name}-%{version}.tar.gz
Source1: https://github.com/jtesta/ssh-audit/releases/download/v%{version}/%{name}-%{version}.tar.gz.sig
Source2: %{name}.keyring
BuildRequires: fdupes
BuildRequires: python3-pytest
BuildRequires: python3-rpm-macros
BuildRequires: python3-setuptools
Requires: python3
BuildArch: noarch
%description
ssh-audit is a tool for ssh server auditing.
Features:
* SSH1 and SSH2 protocol server support;
* grab banner, recognize device or software and operating system, detect compression;
* gather key-exchange, host-key, encryption and message authentication code algorithms;
* output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
* output algorithm recommendations (append or remove based on recognized software version);
* output security information (related issues, assigned CVE list, etc);
* analyze SSH version compatibility based on algorithm information;
* historical information from OpenSSH, Dropbear SSH and libssh;
%prep
%setup -q
sed -i -e '/^#!\//, 1d' src/ssh_audit/ssh_audit.py
%build
%python3_build
%install
%python3_install
%fdupes %{buildroot}%{python3_sitelib}
install -D -p -m0644 ssh-audit.1 %{buildroot}%{_mandir}/man1/ssh-audit.1
%files
%license LICENSE
%doc README.md
%{_bindir}/ssh-audit
%{_mandir}/man1/ssh-audit.1%{?ext_man}
%{python3_sitelib}/ssh_audit*
%changelog
Reference in New Issue Copy Permalink