FICHA · FLATHUB

SSH-MITM

SSH-MITM - ssh audits made simple

Official OARS · imported from upstream · official · May 24, 2026 description in en

Description

SSH-MITM is a man in the middle SSH Server for security audits and malware analysis.

Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication.

When publickey authentication is possible, a forwarded agent is needed to login to the remote server. In cases, when no agent was forwarded, SSH-MITM can rediredt the session to a honeypot.

Features

publickey and password authentication

Phishing FIDO Tokens (Information from OpenSSH)

hijacking and logging of terminal sessions

store and replace files during SCP/SFTP file transferes

port porwarding with SOCKS 4/5 support

intercept MOSH connections

audit clients against known vulnerabilities

plugin support

Permissions

No data

no manifest perms