icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SSF Server Detection

Low

Synopsis

The remote version of the SSH server is no longer maintained.

Description

According to its banner, the remote SSH server is a SSF derivative. SSF had been written to be compliant with restrictive laws on cryptography in some European countries. These regulations have been softened and OpenSSH received a formal authorization from the French administration in 2002 and the development of SSF has been discontinued. SSF is based upon an old version of OpenSSH and it implements an old version of the protocol. As it is no longer maintained, it might be vulnerable to dangerous flaws.

Solution

Remove SSF and install an up-to-date version of OpenSSH.