SECURITY : check Your SSH server key/algo/ciphers/Mac

xemaps · August 2025

On debian as root

apt-get install ssh-audit
usage: ssh-audit [options] 
sample : 
ssh-audit -p 22 127.0.0.1

So you can TEST YOUR Server/VPS or External target !
For those which don't have debian or don't want install, just check https://www.sshaudit.com/
Test result :

NeedDeal · August 2025

Who audited the audit?
Whailt if this tool exploits your ass

xemaps · August 2025

@NeedDeal said:
Who audited the audit?
Whailt if this tool exploits your ass

ssh-audit is in debian packages open source.
For all the online tool you are the only judge, but noone say you have to test YOUR server with it.
Sure i won't test the audit client part.

NeedDeal · August 2025

Open source doesnt mean nothing.
You can obfuscate code and not even most highly skilled programmers can detect it.
And open doesnt mean it is open, at best it can be Some Parts Of The Code.
Open Source is just a big fat lie in most cases.

xemaps · August 2025

debian local ssh-audit

ssh-audit -p 22 127.0.0.1
# general
(gen) banner: SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u7
(gen) software: OpenSSH 9.2p1
(gen) compatibility: OpenSSH 7.4+, Dropbear SSH 2018.76+
(gen) compression: enabled ([email protected])

# key exchange algorithms
(kex) curve25519-sha256                     -- [info] available since OpenSSH 7.4, Dropbear SSH 2018.76
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [info] available since OpenSSH 4.4
(kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
(kex) [email protected]          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
(kex) [email protected]          -- [warn] unknown algorithm

# host-key algorithms
(key) rsa-sha2-512 (3072-bit)               -- [info] available since OpenSSH 7.2
(key) rsa-sha2-256 (3072-bit)               -- [info] available since OpenSSH 7.2
(key) ssh-ed25519                           -- [info] available since OpenSSH 6.5

# encryption algorithms (ciphers)
(enc) [email protected]                -- [info] available since OpenSSH 6.2
(enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
(enc) [email protected]                -- [info] available since OpenSSH 6.2
(enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
(enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52

# message authentication code algorithms
(mac) [email protected]         -- [info] available since OpenSSH 6.2
(mac) [email protected]              -- [info] available since OpenSSH 6.2
(mac) [email protected]         -- [info] available since OpenSSH 6.2

# fingerprints
(fin) ssh-ed25519: SHA256:V/D+Os2y59YjcB0g3sgAynurvprON575AENFsHGkLwc
(fin) ssh-rsa: SHA256:YgFVLbuThlugBecNOw/B52hN9Ce7RyZ0q6dyBl+2/Ic

# algorithm recommendations (for OpenSSH 9.2)
(rec) [email protected]        -- enc algorithm to append
(rec) +diffie-hellman-group14-sha256        -- kex algorithm to append

!!! WARNING: unknown algorithm(s) found!: [email protected].  Please email the full output above to the maintainer ([email protected]), or create a Github issue at .

hyperblast · August 2025

@xemaps why banned? @angstrom

zed · August 2025

Interesting. I rather enjoyed his posts.

sillycat · August 2025

@hyperblast said:
@xemaps why banned? @angstrom

hyperblast · August 2025

i see, he send it to all users? i got the same pm.

COLBYLICIOUS · August 2025

FAT32 · August 2025

@hyperblast said:
@xemaps why banned? @angstrom

He is representing hosting provider and has been using PM as a way to spam the offers.

barbaros · August 2025

No one ever offered me to try German premium chicken

MaxTakeba · August 2025

@FAT32 said:

@hyperblast said:
@xemaps why banned? @angstrom

He is representing hosting provider and has been using PM as a way to spam the offers.

https://lowendtalk.com/discussion/comment/4489101/#Comment_4489101

So Calin is going to get the same treatment right? I did report this at the time and saw no action taken.

itachikonoha · August 2025

I didn't get offered. Little bit offended and disappointed too.

zed · August 2025

Man, can't trust anybody.

@itachikonoha said: I didn't get offered. Little bit offended and disappointed too.

same!

FAT32 · August 2025

@MaxTakeba said:

@FAT32 said:

@hyperblast said:
@xemaps why banned? @angstrom

He is representing hosting provider and has been using PM as a way to spam the offers.

https://lowendtalk.com/discussion/comment/4489101/#Comment_4489101

So Calin is going to get the same treatment right? I did report this at the time and saw no action taken.

There's a lot of reasons why he is not getting banned, we are actually quite active and reacted to most of the reports swiftly.

However, if there's a specific user or post that doesn't get acted on even after flagging, it is because we have a lot of discussions and considerations happening behind the scene, and it usually requires a bit of voting to ensure a fair outcome.

Ban is not always the solution.

zed · August 2025

@FAT32 said: a lot of discussions and considerations happening

We're gonna need to see the receipts!

itachikonoha · August 2025

@MaxTakeba said:

@FAT32 said:

@hyperblast said:
@xemaps why banned? @angstrom

He is representing hosting provider and has been using PM as a way to spam the offers.

https://lowendtalk.com/discussion/comment/4489101/#Comment_4489101

So Calin is going to get the same treatment right? I did report this at the time and saw no action taken.

Shady customer, shady provider. Both deserved each other in that 22.5k case. The customer can't file an FIR for a reason.

MaxTakeba · August 2025

@FAT32 said:

@MaxTakeba said:

@FAT32 said:

@hyperblast said:
@xemaps why banned? @angstrom

He is representing hosting provider and has been using PM as a way to spam the offers.

https://lowendtalk.com/discussion/comment/4489101/#Comment_4489101

So Calin is going to get the same treatment right? I did report this at the time and saw no action taken.

There's a lot of reasons why he is not getting banned, we are actually quite active and reacted to most of the reports swiftly.

However, if there's a specific user or post that doesn't get acted on even after flagging, it is because we have a lot of discussions and considerations happening behind the scene, and it usually requires a bit of voting to ensure a fair outcome.

Ban is not always the solution.

🙄

Excuse me if I sound unamused and petty but there's enough reasons to ban forever and then you're telling me there's a lot of a reasons he's not getting banned... I'm in disbelief to be frank, but I am unfortunately not privy to such reasons and nor is anyone else it seems... But we keep beating this dead horse... Rather an end vs half the community wanting him gone and the other half some how finding reasons not to but still would rather ban him from posting offers... And will continue to DM offers anyway...

Doesn't pass the smell test.

Void · August 2025

@zed said:
Man, can't trust anybody.

@itachikonoha said: I didn't get offered. Little bit offended and disappointed too.

same!

We are not worthy

ralf · August 2025

@COLBYLICIOUS said:

He messaged me at 6:58AM. That's 2h30 before he spammed you, so he could well have sent a lot of this spam. [EDIT: I can't do timezones!]

That said, I notice the capitalisation on my message is different to yours, so he might actually have typed in (almost) the same thing over and over rather than copy-pasting.

Weredime · August 2025

Interesting fella, requested quite the few free trials. I guess they got bored of other hosting providers that failed to have 10G speed dedicated and decided to run a summerhost

Howdy, Stranger!

Categories

In this Discussion

SECURITY : check Your SSH server key/algo/ciphers/Mac

On debian as root

Comments

Howdy, Stranger!

Quick Links

Categories

In this Discussion

SECURITY : check Your SSH server key/algo/ciphers/Mac

On debian as root

Comments