Free SSH Server & Client Security Auditing

Analyze your SSH server configuration and detect weak cryptographic algorithms, outdated protocols, and known vulnerabilities like Terrapin (CVE-2023-48795), SWEET32, and Logjam — instantly.

→ View a sample report without scanning

⚠ ssh-audit not installed. Run pip install ssh-audit then restart the server.

Server Audit

Client Audit

Enter a public hostname or IP. Port 22 is the default SSH port. Scans run server-side using the ssh-audit tool.

Auditing

Testing cryptographic algorithms — this takes 10–30 seconds

—

/100

Scanning…

Critical

Warnings

Passed

Total

gen General Information▾

mac Message Authentication Code Algorithms▾

key Host-Key Algorithms▾

enc Encryption Algorithms (Ciphers)▾

kex Key Exchange Algorithms▾

Recent Known Issues

CVE-2023-48795 — Terrapin attack (prefix truncation)
DHEat — DoS via DH group negotiation (OpenSSH <9.4)
CVE-2016-2183 — SWEET32 (3DES/Blowfish ciphers)
Logjam — Weak DH group (1024-bit)
ROBOT — RSA key exchange oracle

About

Powered by the open-source ssh-audit tool by Joe Testa.
Checks key exchange, host key, cipher, and MAC algorithms against known weaknesses.
Detects Terrapin, DHEat, and other protocol-level vulnerabilities.
No scan data is stored or logged.

Free SSH Server & Client Security Auditing

Configuration Recommendations

Recent Known Issues

About