This page in a nutshell: Sometimes it's simply just too soon for some topics to have an article.
|Initial release||June 11, 2020|
0.4.0 / 12 February 2021
Search SSH-MITM on Amazon.
SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Unlike other ssh servers, SSH-MITM is used to forward a ssh session to another server and log the complete session and file transfers.
SSH-MITM uses Python Paramiko as ssh library which implements version 2 of the Secure Shell (SSH) protocol. 
SSH version 1 is not supported. Due to this limitations, SSH-MITM is not able to do a downgrade attack on a ssh session.
SSH-MITM is used to analyze ssh sessions during security audits and malware analysis. To intercept the session, SSH-MITM has to act as a man in the middle server and supports password and public key authentication.
If the ssh client uses password for authentication, the credentials can be reused to authenticate against the remote server. Intercepting public key authentication is possible, but has some limitations, which can be circumvented, if the clients forwards the ssh-agent. If the ssh-agent is forwarded to SSH-MITM, the agent can be used to authenticate against remote servers.
After the client has connected to SSH-MITM, the terminal session is hijacked and it is possible to interact with the shell on the remote server. It is also possible to store or modify files during SCP and SFTP file transfers.
SSH-MITM can be used for security audits and has checks for some known vulnerabilities like an information leak in OpenSSH up to Version 8.4.
In cases, where the OpenSSH client has knowledge about the remote servers fingerprint, SSH-MITM is able to detect that the client will abort the connection with a man in the middle attack attempt. This is possible because some clients have an Information leakage, when connecting to a ssh server. If the client connects for the first time, a list of crypto algorithms are sent in a predefined order, but when the client has knowledge about the remotes fingerprint, the algorithms are sent in a different order.
SSH-MITM is a man in the middle tool and should only used for security audits or malware analysis.
Due to the fact, that known exploits for ssh clients are implemented  and used to intercept the clients, SSH-MITM should be treated as a security risk and must not be used as jump server.
The main development platform is Linux, because the server supports the Tproxy kernel feature, which is used for transparent proxy support.
SSH-MITM is open source, licensed under the LGPL-3.0 
Other articles of the topic Free and open-source software : Zig (programming language), Moleculer, Arrow (software), Tiny-Wiki, Corrector.co, Angular, Shampoo (software)
Some use of "" in your query was not closed by a matching "".Some use of "" in your query was not closed by a matching "".
- Secure Shell
- Teleport Server
- Comparison of SSH servers
- SSH-MITM Homepage
- SSH-MITM Source on Github
- Linuxnews.de - SSH MITM Proxy Server für Security Audits einsetzen (german)
This article "SSH-MITM" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:SSH-MITM. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.