Scanning Engine v2 - Module - SSH¶
Overview¶
The Secure Shell (SSH) service is a secure network protocol that provides a way to access and manage remote systems securely. SSH services are typically used in distributed computing environments to establish encrypted and authenticated communication channels between clients and servers. Unauthorized access and potential security breaches should be diligently avoided when interacting with SSH services.
The SSH module attempts to connect to a SSH server and extract all the algorithms supported by the server.
Targeting¶
This module targets TCP ports by IP address or hostname.
Schemas¶
The schema for the body object of all results generated with .task.module_name equal to ssh can be found here. The schema for results is available both in standalone and bundled form.
Examples¶
These are examples of the .body object for results with .task.module_name equal to ssh.
Github¶
{
"algorithms": {
"compression": [
"none",
"zlib@openssh.com"
],
"encryption": [
"chacha20-poly1305@openssh.com",
"aes256-gcm@openssh.com",
"aes128-gcm@openssh.com",
"aes256-ctr",
"aes192-ctr",
"aes128-ctr"
],
"kex": [
"curve25519-sha256",
"curve25519-sha256@libssh.org",
"ecdh-sha2-nistp256",
"ecdh-sha2-nistp384",
"ecdh-sha2-nistp521",
"diffie-hellman-group-exchange-sha256",
"kex-strict-s-v00@openssh.com"
],
"mac": [
"hmac-sha2-512-etm@openssh.com",
"hmac-sha2-256-etm@openssh.com",
"hmac-sha2-512",
"hmac-sha2-256"
],
"server_host_key": [
"ssh-ed25519",
"ecdsa-sha2-nistp256",
"rsa-sha2-512",
"rsa-sha2-256",
"ssh-rsa"
]
},
"banner": "SSH-2.0-230b7ac",
"cyphers": [
{
"cypher": "ssh-rsa",
"key": "AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=",
"fingerprint": "d5:2c:63:d9:bc:75:9d:de:b1:4e:36:28:9f:7a:9c:39",
"length": 3072
},
{
"cypher": "ecdsa-sha2-nistp256",
"key": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=",
"fingerprint": "7b:99:81:1e:4c:91:a5:0d:5a:2e:2e:80:13:3f:24:ca"
},
{
"cypher": "ssh-ed25519",
"key": "AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl",
"fingerprint": "65:96:2d:fc:e8:d5:a9:11:64:0c:0f:ea:00:6e:5b:bd"
}
],
"hassh": {
"hassh": "fe851e9092cff85cc47bd1d84ce84a82",
"hassh_algorithms": "curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,kex-strict-s-v00@openssh.com;chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr;hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256;none,zlib@openssh.com"
}
}
Changelog¶
v2.0.0 (2025-09-10)¶
- Complete rewrite from Python to Go for improved performance and maintainability.
- Improved error handling and result processing with better logging and validation.
v1.0.0 (2025-07-08)¶
- Initial release of versioning for each module. All modules are being tagged with version number
1.0.0. Going forward: - Major version should be changed when there are changes that impact consumers or clients of the modules.
- Minor version should be changed when there are additions which enrich or enhance the module but shouldn't affect consumers or clients.
- Patch version should be changed when there are bugfixes.