ssh-audit

SSH security audit CLI for checking server or client algorithms, policies, and hardening posture.

$ pip install ssh-audit

Language: Python
Stars: 4,120
Category: Security
Agent: Ready

Agent Compatibility
  • JSON Output
  • Agent Skill
  • MCP Support

AI Analysis

ssh-audit inspects SSH servers and clients for supported algorithms, host keys, protocol behavior, and hardening posture. It can run standard audits, policy checks, client-side audits, and built-in hardening guide lookups from one command.

What It Enables
  • Scan an SSH server to enumerate banners, key exchanges, host keys, ciphers, MACs, fingerprints, and version-compatibility issues.
  • Audit many hosts from a targets file, generate a baseline policy from a known-good system, and check other servers or clients against built-in or custom policies.
  • Inspect client SSH configurations by running a temporary listener, and retrieve built-in hardening guides or algorithm lookups without leaving the terminal.

Agent Fit
  • -j/--json provides structured audit output, including JSON arrays for multi-target scans and structured policy results that are straightforward to parse.
  • Batch flags, target files, thread control, and explicit exit codes for good, warning, failure, connection error, and unknown error make it usable in CI and verification loops.
  • Best for inspect-and-enforce workflows around SSH posture; remediation still happens by changing server or client configs outside the tool.

Caveats
  • It operates against live network targets, and client audits open a listening socket locally, so automation needs the right reachability and permissions.
  • --dheat is an active denial-of-service test, so it should only be used against systems you are authorized to stress.