sshaudit

Version: v0.2.0

This package is not in the latest version of its module.

Published: Oct 14, 2021 | License: Apache-2.0 | Imports: 11 | Imported by: 0

README

sshaudit

Go package for working with https://www.sshaudit.com/

Installation

sshaudit can be installed using:

go get github.com/onaio/sshaudit

Basic Usage

Initializing client

You should provide your application name and version when initializing your client. They'll be used in setting the User-Agent request header.

appName := "test app"
appVersion := "v1.2.3"
client, err := sshaudit.NewClient(appName, appVersion)

Standard SSH audit

To run a standard audit on a given server:

server := "93.184.216.34"  // can be hostname or IPv4/IPv6 address
port := 22
info, err := client.StandardServerAudit(server, port)

Policy SSH audit

To run a policy audit on a given server:

server := "93.184.216.34"  // can be hostname or IPv4/IPv6 address
port := 22
policyName := "Hardened Ubuntu Server 20.04 LTS (version 1)"
info, err := client.PolicyServerAudit(server, port, policyName)

Documentation

Constants

const VERSION = "0.1.0"

VERSION is the current package version.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuditNote

type AuditNote struct {
	Name        string `json:"name"`
	Class       int    `json:"class"`
	ScoreCap    int    `json:"score_cap"`
	ScoreAdjust int    `json:"score_adjust"`
	Notes       string `json:"notes"`
}

AuditNote holds information on a given algorithm identified in a scan.

type CategorySummary

type CategorySummary struct {
	GoodAlgs  int `json:"good_algs"`
	TotalAlgs int `json:"total_algs"`
}

CategorySummary holds a summary of good algorithms and total algorithms.

type Client

type Client struct {
	HTTPClient *http.Client
	BaseURL    string
	UserAgent  string
}

Client represents an SSH Audit client.

func NewClient

func NewClient(app, version string) (*Client, error)

NewClient constructs a client using http.DefaultClient and the default base URL.

func (*Client) PolicyServerAudit

func (c *Client) PolicyServerAudit(server string, port int, policyName string) (*PolicyServerAuditInfo, error)

PolicyServerAudit runs a policy server audit on a given server.

A policy audit determines whether the target adheres to a specific set of expected options. The resulting score is either pass or fail. Policy audits are useful for ensuring that a server has been hardened successfully and remains hardened.

func (*Client) StandardServerAudit

func (c *Client) StandardServerAudit(server string, port int) (*StandardServerAuditInfo, error)

StandardServerAudit runs a standard server audit on a given server.

A standard audit evaluates each of the individual cryptographic algorithms supported by the target. An overall score is given based on how many strong, acceptable, and weak options are available.

type Finding

type Finding struct {
	FindingSummaryTitle string   `json:"finding_summary_title"`
	FindingSummaryBody  string   `json:"finding_summary_body"`
	FindingSolution     string   `json:"finding_solution"`
	FindingReferences   []string `json:"finding_references"`
	FindingAffected     []string `json:"finding_affected"`
}

Finding holds details of issues identified during a scan.

type HTTPClientError

type HTTPClientError struct {
	StatusCode int
	Err        error
}

HTTPClientError is a custom error that carries the HTTP response status code alongside the underlying error.

func (*HTTPClientError) Error

func (e *HTTPClientError) Error() string

type PingInfo

type PingInfo struct {
	CSRFToken         string   `json:"csrf_token"`
	ServerPolicyNames []string `json:"server_policy_names"`
	ClientPolicyNames []string `json:"client_policy_names"`
}

PingInfo holds information from a sshaudit.com/ping response.

type PolicyError

type PolicyError struct {
	Actual           []string `json:"actual"`
	ExpectedOptional []string `json:"expected_optional"`
	ExpectedRequired []string `json:"expected_required"`
	MismatchedField  string   `json:"mismatched_field"`
}

PolicyError holds information on policy errors from an audit.

type PolicyServerAuditInfo

type PolicyServerAuditInfo struct {
	AuditType      string         `json:"audit_type"`
	TargetServer   string         `json:"target_server"`
	TargetServerIP string         `json:"target_server_ip"`
	PolicyName     string         `json:"policy_name"`
	Passed         bool           `json:"passed"`
	PolicyErrors   []*PolicyError `json:"policy_errors"`
}

PolicyServerAuditInfo holds the response from a policy server audit.
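
A failed policy audit is most useful when each PolicyError is reduced to what must change on the server. The following is an added example, not code from the sshaudit package: PolicyError is re-declared locally so it runs without the package or network access, the JSON is a constructed sample, and treating expected_required plus expected_optional as the allowed set is an assumption.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// PolicyError mirrors the documented struct so the example runs offline.
type PolicyError struct {
	Actual           []string `json:"actual"`
	ExpectedOptional []string `json:"expected_optional"`
	ExpectedRequired []string `json:"expected_required"`
	MismatchedField  string   `json:"mismatched_field"`
}

// Constructed sample of the policy_errors array from a failed policy audit.
const sampleJSON = `[{"mismatched_field": "MACs", "actual": ["hmac-sha2-256", "hmac-sha1"],
	"expected_required": ["hmac-sha2-256", "hmac-sha2-512"], "expected_optional": []}]`

// notIn returns the items of a that are absent from b.
func notIn(a, b []string) (out []string) {
	seen := map[string]bool{}
	for _, v := range b {
		seen[v] = true
	}
	for _, v := range a {
		if !seen[v] {
			out = append(out, v)
		}
	}
	return out
}

// Drift returns values the server offers that the policy does not allow, and
// required values it lacks. Assumption: allowed = required plus optional.
func Drift(pe *PolicyError) (unexpected, missing []string) {
	allowed := append(append([]string{}, pe.ExpectedRequired...), pe.ExpectedOptional...)
	return notIn(pe.Actual, allowed), notIn(pe.ExpectedRequired, pe.Actual)
}

func main() {
	var errs []*PolicyError
	if err := json.Unmarshal([]byte(sampleJSON), &errs); err != nil {
		panic(err)
	}
	for _, pe := range errs {
		unexpected, missing := Drift(pe)
		fmt.Printf("%s: unexpected=%v missing=%v\n", pe.MismatchedField, unexpected, missing)
	}
}
```

With the real client, the same function can be applied to each element of the PolicyErrors field of a result whose Passed field is false.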

type StandardServerAuditInfo

type StandardServerAuditInfo struct {
	AuditType         string                      `json:"audit_type"`
	Banner            string                      `json:"banner"`
	Kex               []*AuditNote                `json:"kex"`
	Key               []*AuditNote                `json:"key"`
	Enc               []*AuditNote                `json:"enc"`
	Mac               []*AuditNote                `json:"mac"`
	Fin               []string                    `json:"fin"`
	Score             int                         `json:"score"`
	Grade             string                      `json:"grade"`
	Version           string                      `json:"version"`
	TargetServer      string                      `json:"target_server"`
	TargetServerPort  int                         `json:"target_server_port"`
	TargetServerIP    string                      `json:"target_server_ip"`
	Findings          []*Finding                  `json:"findings"`
	CategorySummaries map[string]*CategorySummary `json:"category_summaries"`
}

StandardServerAuditInfo holds results from a standard server audit.
