About

This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.

Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many operating systems are optimized for compatibility, not security.

To see a sample report, click here.

Loading, please wait...

Server Audit

To audit a server configuration, enter its hostname or IPv4/IPv6 address:

Target SSH Server:

Port:

Next, choose the scan type (What is the difference?):

Scanning, please wait...

Client Audit

To audit a client configuration, click the button below. A listener will begin on a random port on the ssh-audit.com server. With any username, simply connect to it within 45 seconds.

For convenience, these buttons will copy to the clipboard:

News

  1. Dec. 21, 2023: Added test for the Terrapin vulnerability (CVE-2023-48795).
  2. Feb. 1, 2023: Added Ubuntu Server 22.04 hardening policy.
  3. Oct. 21, 2020: Added server policy scanning.
  4. Feb. 9, 2020: Host key type 'ssh-rsa' is now considered weak due to practical SHA-1 attacks.
  5. Nov. 14, 2019: Added client auditing capability.
  6. Oct. 8, 2019: Port restrictions removed for greater convenience.