
SSH Check – public SSH server testing tool - sajagi
http://sshcheck.com
======
theandrewbailey
I followed the Mozilla SSH guidelines[0] modern configuration, and turned out
pretty good on this tool.

[0]
[https://wiki.mozilla.org/Security/Guidelines/OpenSSH](https://wiki.mozilla.org/Security/Guidelines/OpenSSH)

------
hannob
There are a couple of strange things here.

It lists oakley group 14 as insecure with no justification. That's a 2048 bit
diffie hellman group and it should be totally fine.

It also lists hmac-sha1 as problematic, although in hmac the weaknesses of
sha1 are irrelevant.

I'm not sure about the umac 64 bit block size. That should at least have some
more info why it's considered problematic.

Usually OpenSSH is pretty good at deprecating problematic algorithm choices,
so I tend to stick with upstream defaults.

~~~
sajagi
Hi hannob, I'll re-check the classifications. Pretty sure you're right about
the hmac-sha1 being still ok. Wrt oakley 14 and umac64 (and others) I'll try
to add more detailed justifications. Thanks for your comment!

~~~
elithrar
It's important to note that "HMAC-SHA-1" is an entirely different construction
compared to SHA-1. It is a HMAC that happens to use SHA-1 internally, and it
uses it in a way that means it does not yet share weaknesses with SHA-1 as a
hash.

Of course, if you are writing something today, you should lean towards HMAC-
SHA-256 or 512 as an extra buffer, but choosing to avoid HMAC-SHA-1 because it
says "SHA-1" is not a valid reason.

------
GordonS
It would be super-useful if it could give you something actionable for each
issue if finds.

~~~
meritt
[https://wiki.mozilla.org/Security/Guidelines/OpenSSH](https://wiki.mozilla.org/Security/Guidelines/OpenSSH)

While not exactly the solution you're looking for the Mozilla OpenSSH
guidelines are quite better than the default sshd_config

~~~
problems
Seems fairly good - I would consider going 25519-only if you have compatible
clients for kex and auth.

Some of their concerns with SSH agent forwarding are good too - but make me
wonder if writing some little GUI that would have you allow or deny
authentication requests would solve the problem.

------
crispyambulance
OK, I am not embarrassed to ask...

If I see some "weak" or "insecure" tags, what can I do about it? I have no
idea how to disable MAC, key-exchange, and encryption algorithms used by the
server I control. I had thought that just using SSH was "enough"

More importantly, if I do disable the insecure stuff, what will it break ?

~~~
bimmer44
This article is very detailed and includes examples of setting sshd to only
use more secure options: [https://stribika.github.io/2015/01/04/secure-secure-
shell.ht...](https://stribika.github.io/2015/01/04/secure-secure-shell.html)

There was also a lot of HN discussion about it:
[https://news.ycombinator.com/item?id=8843994](https://news.ycombinator.com/item?id=8843994)

------
sleavey
Great tool - I found some weaknesses in my SSH server. After fixing them, I
wanted to test it again but I can't find a refresh button...

EDIT: turns out you need to wait 10 minutes.

~~~
sajagi
i am adding refresh button to my to-do list! :)

~~~
sajagi
I actually decreased the cache expiry to 10 seconds instead, I believe that
should be ok for everyone.

------
MrRadar
A suggestion: add simulated handshakes for various versions of OpenSSH and
PuTTY to indicate which cipher/auth/kex algorithm they would negotiate with
their default settings (ala the SSL Labs scanner).

------
andriussev
If it included info on what to do with the WEAK ones, it would be much better.
Sort of like the Google Pagespeed style.

~~~
akerro
[https://stribika.github.io/2015/01/04/secure-secure-
shell.ht...](https://stribika.github.io/2015/01/04/secure-secure-shell.html)

------
jokr004
Is it just me or am I the only one who is a bit hesitant to submit the public
IP/hostname to some random service on the web. I'm not trying to say that the
creator of this has any ill intent, but I also don't know that they aren't
cataloging addresses of potentially vulnerable ssh daemons.

Anyway.. just to reiterate I'm not trying accuse you of anything OP. Very cool
utility, nice work!

~~~
ryandrake
You're getting a lot of responses along the lines of: "Well if it's on the
public internet it's already being indexed and scanned already, so there's no
harm submitting a single IP address / hostname." Whoever thinks this is
relevant: Please post your personal server's IP address here.

My phone number is 10 digits. It can easily be enumerated. I'm still not
posting it in a public forum or submitting it to an unknown web site.

~~~
haldean
Sure thing. I have two boxes that run sshd exposed to the internet:
69.164.221.163 and 45.79.85.20. sshd runs on port 2020 now; I was running it
on port 22 before but I got so many failed login attempts that it was actually
causing noticable load on the system (something like average 10% CPU usage
just for sshd).

I still get a couple hundred failed login attempts every day. Reasonably
strong passwords and fail2ban mean that it's nbd.

Also, my phone number is on my website (it's 320 584 9293) and most of the
spam calls I get are through whois, not the fact that there's a tel: URL out
there pointing at it.

------
pmoriarty
Why is this a service and not a standalone tool that I can use from my own
machine?

Do I really want to be giving out the locations of my ssh servers to some
random website?

Also, a standalone tool could be used behind corporate firewalls, where this
service is useless.

~~~
cmurf
Yeah I'd like a local tool. Maybe I want to do a test before I put it on the
internet.

~~~
ipostonthisacc
Try this [https://github.com/arthepsy/ssh-
audit](https://github.com/arthepsy/ssh-audit)

------
dobin
Is this based on ssh-audit? [https://github.com/arthepsy/ssh-
audit](https://github.com/arthepsy/ssh-audit)

~~~
sajagi
It is not, but thanks for sharing that link, looks very useful!

------
andreaso
It appear to have problems with newer chiphers.

sshd[28670]: fatal: Unable to negotiate with 40.112.150.31 port 47286: no
matching cipher found. Their offer:
aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-
ctr,3des-
cbc,twofish256-ctr,twofish192-ctr,twofish128-ctr,twofish256-cbc,twofish192-cbc,twofish128-cbc,twofish-
cbc [preauth]

~~~
sajagi
Hi andreaso, do you happen to have a list of encryption algs on your side? We
don't support chacha20-poly1305 (yet) and afaik aes in gcm mode, but e.g. aes
ctr are reliable so I find it strange these are not supported on your side.

~~~
andreaso
That sshd only supports the chacha20-poly1305 cipher.

Perfectly fine with that, since I'm the only one logging into that server.

------
matt_wulfeck
Great tool! Though I think it much safer to control these things client side,
that way no matter what you're connecting to you know you're getting safe
ciphers.

~~~
woodrowbarlow
safer for you, not safer for the server.

------
usuallybaffled
On one hand, nice way to collect a database of SSH servers without triggering
alarms.

On the other, people using this tool are more likely to take steps to secure
their servers.

~~~
vel0city
shodan.io already has a pretty good database of SSH servers. Want to find
servers running an old version of OpenSSH? Easily queriable.

[https://www.shodan.io/search?query=OpenSSH_5.2+country%3A%22...](https://www.shodan.io/search?query=OpenSSH_5.2+country%3A%22US%22)

There's a decent chance your SSH server is already in this database and many
others.

~~~
usuallybaffled
Very good point!

------
atmosx
Ok, say I am on vacations and my laptop turned brick. The SQL crashed and I
need to perform a restore.

What do I do if only SSH keys are allowed? So I keep my key on a USB key? How
is that safe to plug in into a computer?

Do I go around with a USB-Linux-distro with my key on it? What if in the
border an official decides to keep the USB device I was holding on to.

How do you manage this situation?

~~~
blfr
You have other people on call to care for critical infrastructure.

~~~
dicknuckle
I know many people keep an encrypted copy in various cloud or email accounts.
Then all you would need is the encryption password and internet access to
download the application to decrypt.

------
dhbx9
Is there a similar tool that tests HTTPS enabled web servers on their choice
of ciphers etc?

~~~
Maakuth
[https://www.ssllabs.com/](https://www.ssllabs.com/) is just that.

~~~
l-p
Or [https://testssl.sh/](https://testssl.sh/) if you don't want to rely on a
third-party.

------
r1ch
Just shows the following for me:

An error occurred This happenned when we were trying to connect to
io.r1ch.net:22.

[https://sshcheck.com/server/io.r1ch.net/](https://sshcheck.com/server/io.r1ch.net/)

~~~
sajagi
I'll take a look - it will take some time as I am currently swamped. Can you
please check again in few days? Thanks!

------
Spare_account
Should this have "Show HN:" in the title? The author of the site appears to be
the OP.

[https://news.ycombinator.com/showhn.html](https://news.ycombinator.com/showhn.html)

------
rythie
It'd be useful to know what this is likely to break, AFAIK I sshd doesn't log
what ciphers people used, like Apache can do. A caniuse.com for SSH would be
useful.

~~~
jlgaddis
It can log that stuff -- increase "LogLevel" in sshd_config.

------
duxet
Is there any possibility to do check again, eg. after updating sshd config?
After entering same data again i get previous result.

------
nemoniac
Out of curiosity I tried github.com and one of my servers. To my surprise it
judges my server to be far more secure than github.

------
goblin89
Ubuntu 16.04 launched from an AMI on AWS EC2 has weak points in its SSH setup
out of the box—supporting SHA-1 and 64-bit UMAC.

~~~
sajagi
It's quite probably because of compatibility with the older clients.
Unfortunately you can't simply use only the safest algorithms out there
because the clients wouldn't be able to connect :/

------
sp0ck
Kind of useless. I've checked, change settings and can't check again. I'm
getting results from some cache.

~~~
sajagi
you have to wait 10 minutes ... I am adding a refresh button as we speak.

------
snvzz
No IPv6 support.

~~~
sajagi
hi snvzz, which server did you try it on? i tried few ipv6 servers and it was
ok.

~~~
secure
Try any DNS name which only has a AAAA record, e.g. ipv6.google.com, which
results in “An unexpected error occurred.”

~~~
sajagi
Alright, thanks!

~~~
snvzz
As an added note, your server seems to resolve some A record, despite no A
records in the domain. I suspect whatever you're using for DNS does park all
NXDOMAIN into some website of their own.

------
Aaargh20318
After updating my SSH config, the tool won't let me re-check, it just gives me
the previous results.

~~~
el_duderino
You have to wait 10 minutes, but he is adding a refresh button.
[https://news.ycombinator.com/item?id=14559709](https://news.ycombinator.com/item?id=14559709)

------
jacquesm
Is there a good reason to open up access to your ssh port for some service by
a novelty account which could easily collect information on what version ssl
sub-protocols you do and do not support?

Consider me paranoid but I don't like services like this unless they come from
reputable sources and even then I'd much rather run something local.

Remember to close your port in your firewall after running the test.

~~~
simias
I'm not sure I get you, I find this service most useful for public-facing SSH
services (where the risk of attack in the greatest). I wouldn't bother
forwarding my laptop's port 22 just to test it, that's for sure.

If an attacker wants to gather a list of vulnerable SSH servers in the wild
they just have to map a bunch of random addresses (and that seems to be
extremely common judging by the number of failed auths on my public server).
Although it could be useful if you wanted to get a list of ssh servers not
running on port 22.

~~~
jacquesm
Yes, if it is public then I agree.

But if it is private you're going to have to unlock a port, let the service do
its thing and then re-lock afterwards. If you forget the last step you are now
more at risk than before.

Also, since the service does not advertise what IP it will be connecting from
beforehand (presumably the host you complete that form on, but that's not a
certainty, it's IP is 40.112.150.31, in an MS Azure block) you would open up
access to the world in order to do this.

~~~
sajagi
Even if the IP address was guaranteed static then I wouldn't dare recommending
admins to add an exception to firewall. That would certainly be a very bad
practice. There are tools available (mentioned in the comments around) that do
the same job and can be run in the DMZ (the question is, would anyone go
through the source code and verify the tool does not contain any malicious
code?).

~~~
jacquesm
Excellent, so how about the opposite: tell people on the website _not_ to make
an exception for your service.

~~~
sajagi
I am tempted to not interfere with the darwinian process ;) But seriously,
we'll probably add some note like that.

------
devdoomari
hope someone makes a local-executable version...

~~~
TimNN
There already is:
[https://github.com/evict/SSHScan](https://github.com/evict/SSHScan)

~~~
bechampion
and returns almost the same details , there is also a nmap script
[https://nmap.org/nsedoc/scripts/ssh2-enum-
algos.html](https://nmap.org/nsedoc/scripts/ssh2-enum-algos.html) I've always
found these kind of webapps attractive in a way ... the fact that it may be
doing a os.popen("nmap -vv bla bla bla") makes me uncomfortable ,

------
carroccio
[https://github.com/isgroup-srl/secure-ssh-server](https://github.com/isgroup-
srl/secure-ssh-server)

------
sandrina
Can you share what went into building this?

~~~
sajagi
(disclaimer: I work for Rebex)

SSH libraries written by Rebex. With the exception of ECC it's all closed-
source.

------
edmanet
netcat -z -w 2 $ipaddress 22;echo $?

How hard is that?

------
thinkMOAR
Call me critical AND paranoid.. but this kind of thing should be a tool people
can run locally. Not via some public service, which is probably gonna be
blacklisted on plenty of RBLs.

However first and above all, SSH SHOULD NEVER LISTEN AND/OR RESPOND to non
whitelisted ip addresses. NEVER, no exceptions.

Also i think it is more a promotion for the rebex site and software, not so
much the ssh scan utility... based on the selected sample site, simplicity of
the utility and site,

Server Identification: SSH-2.0-RebexSSH_1.0.0.0

~~~
jlgaddis
Meh, I've got two hosts running SSH that are accessible from anywhere. They
run OpenSSH on OpenBSD and are pretty locked down (only specific ciphers, key
exchange algorithms, and MACs are permitted), root login is disabled, and
password authentication is disabled, among other non-default configuration
options. These two hosts allow access (via SSH) to another 40 or so boxes
running various flavors and versions of Linux that can't be locked down as
much.

I do not worry one bit about those two hosts getting compromised as I took the
time to minimize the chances of that happening.

~~~
thinkMOAR
The fact you think that secures you, worries me, and that you share the almost
exact setup you have with the world, just as much. Security is layers, and one
layer is not telling the world about your setup.

~~~
jlgaddis
Security is also not relying on obscurity to keep you safe.

~~~
thinkMOAR
having your server ssh exposed to the world and trusting your configuration is
relying on obscurity. Having strict firewalls, with only a limited amount of
trusted ip addresses is anything but relying on obscurity.

