ssh-audit on AIX server

[veguzmanch]

Hello

How reliable is ssh-audit auditing on AIX servers?

Regards,
Victor

[jtesta]

In general, it is both very reliable and accurate. The only issue comes when it encounters a rare SSH implementation that includes a unique algorithm(s). If you're running OpenSSH on AIX, then the results will be similar to, say, OpenSSH on Linux. That said, there is no hardening guide written for the AIX platform specifically. But assuming its based on OpenSSH, one could easily adapt the Ubuntu 24 guide to it (and then submit the instructions as a community-provided guide, as per https://github.com/jtesta/ssh-audit/wiki/SSH-Hardening-Guides-Index). Out of curiosity, what SSH implementation does AIX use these days?

[veguzmanch]

Hello Testa
Thank you very much for your prompt reply.

We use openssl and openssh in the following versions:

OpenSSH_8.1p1, OpenSSL 1.0.2u 20 Dec 2019
OpenSSH_9.7p1, OpenSSL 3.0.15 3 Sep 2024

Regards,

[jtesta]

Are you compiling those yourself from the official OpenSSH releases, or are those provided by the AIX package manager? If you're compiling them yourself, you'll have absolutely no problems (at least... no special issues that are AIX-specific). If those OpenSSH versions are provided by the AIX platform, then its possible that special changes were made to them; if you get any surprising results, please file a Github Issue so they can be fixed. I'd expect you will have no problems, however.