ssh-audit

ssh-audit is an open-source security auditing tool that analyzes the configuration of SSH servers and clients by examining banners, key exchange algorithms, encryption methods, MAC algorithms, compression options, and compatibility settings to identify weak, obsolete, or insecure cryptographic primitives and misconfigurations that could compromise SSH security. The tool performs comprehensive security assessments with policy-based audits against hardening guides for common platforms including Ubuntu, Debian, and OpenSSH versions, providing detailed pass/fail results with remediation guidance aligned with security best practices to help system administrators strengthen SSH tunnel security across on-premises, cloud, and hybrid infrastructure environments.