SSH (SSF Derivative) Detection

Low Nessus Plugin ID 31421


The remote version of the SSH server is not maintained any more.


According to its banner, the remote SSH server is the SSF derivative.

SSF had been written to be compliant with restrictive laws on cryptography in some European countries, France especially.

These regulations have been softened and OpenSSH received a formal authorisation from the French administration in 2002 and the development of SSF has been discontinued.

SSF is based on an old version of OpenSSH and it implements an old version of the protocol. As it is not maintained any more, it might be vulnerable to dangerous flaws.


Remove SSF and install an up-to-date version of OpenSSH.

See Also

Plugin Details

Severity: Low

ID: 31421

File Name: ssh_ssf.nasl

Version: $Revision: 1.12 $

Type: remote

Published: 2008/03/12

Modified: 2014/05/16

Dependencies: 10267

Risk Information

Risk Factor: Low


Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N