Secure Shell (SSH) is a remote management protocol.
On contrary to insecure login protocols (Telnet, Rlogin) and file transfer protocols (FTP), strong identity verification alternatives and encryption during data transfer ensures data security.
You can connect to the target system via SSH by using PuTTY software on Windows operating system, JuiceSSH software on Android mobile phones, Prompt software on iOS mobile phones or command-line interface (ex. bash, iterm, powershell).
In some cases, SSH servers support older and less secure SSH Version 1.
SSHv1 protocol contains fundamental vulnerabilities. Your data security can compromised due to these vulnerabilities. Today, all modern SSH clients support SSHv2.
It is easier to check with our free and online SSH Protocol Version 1 Vulnerability scanner tool. To do this, you can start by typing your domain name in the form on top of the page and start scanning.
Or you can run nmap --script sshv1 -p 22 Target_Host command on nmap tool which can be installed to all operating systems.
Also, you can use ssh_version auxiliary module of “Metasploit Framework” to check the vulnerability.
Lastly, you can check manually. For example, you can check whether SSH service is impacted by this vulnerability in Ubuntu servers as follows:
If you want to eliminate this vulnerability, change Protocol = 1 line with Protocol = 2.
Also, you can check the vulnerability with the following command:
ssh -1 [email protected]_IP_Address
If your SSH server only supports SSHv2, the command will end with the following error when you run “-1” option: Protocol major versions differ: 1 vs. 2
If you want your SSH servers to be safe from this vulnerability, you need to set the version supporting SSH service as 2. (For Ubuntu, change “Protocol = ” line in /etc/ssh/ssh_config file with “Protocol = 2” line).