Hi,
Some updates on OpenSSH config hardening
1) The ssh-audit tool that Mathew Binkley pointed out has been forked
and updated and lives at
https://github.com/jtesta/ssh-audit
2) The sshaudit.com site now uses the above version.
3) The sshaudit.com site also now provides a hardening guide
https://www.ssh-audit.com/hardening_guides.html
that was inspired by the original stribika.github.io page mentioned here.
I like Mathew's idea of aiming for a config that scores well, with
commented out configs for enabling compatibility for older clients.
--
Matt Taggart
m...@lackof.org