The best way to scan for weak ssh passwords on your network.
ssh-auditor will automatically:
- Re-check all known hosts as new credentials are added. It will only check the new credentials.
- Queue a full credential scan on any new host discovered.
- Queue a full credential scan on any known host whose ssh version or key fingerprint changes.
- Attempt command execution as well as attempt to tunnel a TCP connection.
- Re-check each credential using a per credential scan_interval.
It's designed so that you can run ssh-auditor discover + ssh-auditor scan from cron every hour to to perform a constant audit.