# Install ssh-audit with Homebrew, apk, apt, dnf, MacPorts, Nix, pacman, zypper

SSH server & client auditing. Version 3.9.0 via Homebrew; verified 2026-07-07.

## Install

```sh
sudo av install brew:ssh-audit
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install ssh-audit
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install ssh-audit
```

  Evidence: MacPorts ports tree: security/ssh-audit/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- apk (92%):

```sh
sudo apk add ssh-audit
```

  Evidence: Alpine Linux edge package indexes: ssh-audit from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

- Debian apt (92%):

```sh
sudo apt install ssh-audit
```

  Evidence: Debian stable package indexes: ssh-audit from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install ssh-audit
```

  Evidence: Fedora Rawhide package metadata: ssh-audit from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#ssh-audit
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ss/ssh-audit/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- pacman (92%):

```sh
sudo pacman -S ssh-audit
```

  Evidence: Arch Linux sync databases: ssh-audit from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

- zypper (92%):

```sh
sudo zypper install ssh-audit
```

  Evidence: openSUSE Tumbleweed package metadata: ssh-audit from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst

## Package facts

- **Package key:** brew:ssh-audit
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/ssh-audit>
- **Version:** 3.9.0
- **Source summary:** SSH server & client auditing
- **Homepage:** <https://github.com/jtesta/ssh-audit>
- **Repository:** <https://github.com/jtesta/ssh-audit>
- **Upstream docs:** <https://github.com/jtesta/ssh-audit#readme>
- **License:** MIT
- **Source archive:** <https://files.pythonhosted.org/packages/b4/95/0dc036428ef8d76e2c812cbec9e69c2020230da32ea0e699908735894a2f/ssh_audit-3.9.0.tar.gz>
- **Last updated:** 2026-07-07T08:04:06Z
- **Generated:** 2026-07-08T18:08:21+00:00

## Executables

- ssh-audit (cli)
- ssh-audit (alias)

## Dependencies

- python@3.14

## Install behavior

- Post-install hook: not defined
- Bottle: available on all

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 3.9.0
- Package-manager updated: 2026-07-07
- Local data: ok
- Upstream repository: https://github.com/jtesta/ssh-audit
- info: No cached GitHub release or tag data was available.
## Project history and usage

ssh-audit is a dependency-free command-line tool for auditing SSH server and client cryptographic configuration.

### Project history

The maintained jtesta/ssh-audit line was created in 2017 and the README identifies it as the v2.0+ continuation of arthepsy/ssh-audit v1.x after the earlier project became inactive.

Version 2.0.0 was released in 2019. Later releases expanded server and client auditing, policy scans, algorithm lookup, hardening guides, JSON output, multi-target scans, and checks related to SSH cryptographic weaknesses.

### Adoption history

The upstream README advertises prebuilt packages for PyPI, Snap, Docker, and Windows, includes badges for PyPI, Homebrew, Docker, and Snap downloads, and links to Repology for broader package status. The input facts list packages in Alpine, Homebrew, Debian/Ubuntu, Fedora/DNF, MacPorts, Nix, Arch, and openSUSE.

### How it is used

Admins and security engineers use ssh-audit against hostnames, addresses, Unix sockets, target lists, or in client-audit mode. It reports banners, key exchange, host-key, encryption, MAC, compression, algorithm history, security warnings, and recommendations.

### Why package nerds care

ssh-audit is package-nerd friendly because it is a single Python CLI with no runtime dependencies, making it easy to package and run in CI, containers, security baselines, and one-off terminal checks across operating systems.

### Timeline

- 2017-09: jtesta/ssh-audit repository created.
- 2019-08: v2.0.0 released as the maintained v2 line.
- 2020: v2.3.0 released with continued feature development.
- 2024-2026: README documents current Python-version support, hardening guides, package surfaces, and v3.x development.

### Related projects

- Related projects and surfaces include arthepsy/ssh-audit, OpenSSH, Dropbear SSH, libssh, PyPI, Docker Hub, Snap, Homebrew, and ssh-audit.com.

### Sources

- <https://api.github.com/repos/jtesta/ssh-audit>
- <https://github.com/jtesta/ssh-audit>
- <https://github.com/jtesta/ssh-audit/releases>
- input.source_facts.package-manager


## Security Notes

broad file, network, media, or database tool signal.

- **Geiger risk:** blue / medium
- broad file, network, media, or database tool signal

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** ssh-audit
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Debian apt - ssh-audit - 3.3.0-2: normalized package name match | Debian stable package indexes: ssh-audit from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | tool for ssh server & client auditing | https://github.com/jtesta/ssh-audit
- Nix - ssh-audit: normalized package name match | nixpkgs package indexes: pkgs/by-name/ss/ssh-audit/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - ssh-audit - 3.1.0-1: normalized package name match | Ubuntu 24.04 LTS package indexes: ssh-audit from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | tool for ssh server auditing | https://github.com/jtesta/ssh-audit
- apk - ssh-audit - 3.3.0-r1: normalized package name match | Alpine Linux edge package indexes: ssh-audit from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | SSH server and client configuration auditing | https://github.com/jtesta/ssh-audit
- apk - ssh-audit-doc - 3.3.0-r1: normalized package name match | Alpine Linux edge package indexes: ssh-audit-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | SSH server and client configuration auditing (documentation) | https://github.com/jtesta/ssh-audit
- apk - ssh-audit-pyc - 3.3.0-r1: normalized package name match | Alpine Linux edge package indexes: ssh-audit-pyc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | Precompiled Python bytecode for ssh-audit | https://github.com/jtesta/ssh-audit
- dnf - ssh-audit - 3.3.0-8.fc45: normalized package name match | Fedora Rawhide package metadata: ssh-audit from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | An SSH server & client configuration security auditing tool | https://github.com/jtesta/ssh-audit
- pacman - ssh-audit - 3.3.0-3: normalized package name match | Arch Linux sync databases: ssh-audit from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | SSH configuration auditing | https://github.com/jtesta/ssh-audit
- zypper - ssh-audit - 3.3.0-1.4: normalized package name match | openSUSE Tumbleweed package metadata: ssh-audit from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst | SSH server auditing | https://github.com/jtesta/ssh-audit
- MacPorts - ssh-audit: normalized package name match | MacPorts ports tree: security/ssh-audit/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [python@3.14](https://www.automicvault.com/pkg/brew/python-3-14/) - Runtime dependency declared by Homebrew.
- [ssh-mitm](https://www.automicvault.com/pkg/brew/ssh-mitm/) - Shares av.db curated category or tags: auditing, cli, security, ssh.
- [lynis](https://www.automicvault.com/pkg/brew/lynis/) - Shares av.db curated category or tags: auditing, cli, hardening, security, security-audit.
- [openssh](https://www.automicvault.com/pkg/brew/openssh/) - Shares av.db curated category or tags: cli, security, ssh.
- [skm](https://www.automicvault.com/pkg/brew/skm/) - Shares av.db curated category or tags: cli, security, ssh.
- [ssh-copy-id](https://www.automicvault.com/pkg/brew/ssh-copy-id/) - Shares av.db curated category or tags: cli, security, ssh.
- [ssh-vault](https://www.automicvault.com/pkg/brew/ssh-vault/) - Shares av.db curated category or tags: cli, security, ssh.
- [sshguard](https://www.automicvault.com/pkg/brew/sshguard/) - Shares av.db curated category or tags: cli, security, ssh.
- [sshtrix](https://www.automicvault.com/pkg/brew/sshtrix/) - Shares av.db curated category or tags: cli, security, ssh.
- [censys](https://www.automicvault.com/pkg/brew/censys/) - Both packages touch the same language runtime or ecosystem. Shared terms: cli, client, python, python-3-14, security.
- [certsync](https://www.automicvault.com/pkg/brew/certsync/) - Both packages touch the same language runtime or ecosystem. Shared terms: audit, cli, python, python-3-14, security.

## Combined YAML source

View the package source record on GitHub. [combined/ssh-audit.yml](https://github.com/automic-vault/db/blob/main/combined/ssh-audit.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
