SSH (SSF Derivative) Detection
Low Nessus Plugin ID 31421
SynopsisThe remote version of the SSH server is not maintained any more.
DescriptionAccording to its banner, the remote SSH server is the SSF derivative.
SSF had been written to be compliant with restrictive laws on cryptography in some European countries, France especially.
These regulations have been softened and OpenSSH received a formal authorisation from the French administration in 2002 and the development of SSF has been discontinued.
SSF is based on an old version of OpenSSH and it implements an old version of the protocol. As it is not maintained any more, it might be vulnerable to dangerous flaws.
SolutionRemove SSF and install an up-to-date version of OpenSSH.