Hardcoded SSH Host Key Detection

Info Nessus Network Monitor Plugin ID 7281


A hardcoded, non-unique SSH host key has been detected.


The remote host is using a hardcoded, non-unique SSH host key. This may allow a remote, unauthenticated attacker to carry out impersonation, man-in-the-middle, or passive decryption attacks, resulting in sensitive information exposure.


Where possible, users of affected devices should manually replace SSH host keys so that they are unique to the device.

Plugin Details

Severity: Info

ID: 7281

Version: 1.0

Family: Generic

Published: 2017/08/20

Updated: 2018/08/16

Risk Information

Risk Factor: Info