Skip to content
/ ssh-eol-checker Public

Nmap SSH Banner EOL Checker - Identifies Ubuntu and Debian versions from SSH banners and checks their EOL status

License

BSD-3-Clause license
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jonaslejon/ssh-eol-checker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.github/workflows
.github/workflows
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
eol_check.py
eol_check.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

SSH EOL Checker

A Python script that parses Nmap XML output to identify SSH services and check if the underlying operating system has reached End of Life (EOL).

Features

  • Parses Nmap XML output files to detect SSH services on any port
  • Identifies Ubuntu and Debian versions from SSH banners
  • Queries the endoflife.date API to check EOL status
  • Color-coded output for easy identification of EOL systems
  • Detects ESM (Extended Security Maintenance) packages
  • In-memory caching to minimize API requests

Supported Distributions

Ubuntu

  • 24.04 (Noble)
  • 22.04 (Jammy)
  • 20.04 (Focal)
  • 18.04 (Bionic)
  • 16.04 (Xenial)
  • 14.04 (Trusty)

Debian

  • 12 (Bookworm)
  • 11 (Bullseye)
  • 10 (Buster)
  • 9 (Stretch)

Installation

Prerequisites

  • Python 3.6 or higher
  • Required Python packages: 
    pip install requests colorama

Clone the Repository

git clone https://github.com/jonaslejon/ssh-eol-checker.git
cd ssh-eol-checker

Usage

1. Scan with Nmap

First, perform an Nmap scan with version detection and XML output:

# Scan common SSH ports
nmap -sV -p 22,2222 --open -oX nmap_scan.xml <target_ips>

# Or scan all TCP ports (slower)
nmap -sV -p- --open -oX nmap_scan.xml <target_ips>

2. Run the EOL Checker

python eol_check.py nmap_scan.xml

Example Output

--- SSH EOL Check Report (2025-10-13 14:30:45) ---
Source File: nmap_scan.xml

192.168.1.10:22       - Ubuntu 14.04         - EOL                - SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
192.168.1.20:22       - Ubuntu 22.04         - Supported          - SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
192.168.1.30:22       - Debian 11            - Supported          - SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
192.168.1.40:2222     - Ubuntu 16.04 (ESM detected) - EOL         - SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10+esm3

--- End of Report ---

Output Legend

  • Green (Supported): The OS version is still receiving security updates
  • Red (EOL): The OS version has reached End of Life
  • Yellow (EOL Unknown): Unable to determine EOL status or OS version unknown
  • Magenta (ESM detected): Extended Security Maintenance package detected

How It Works

  1. Parses the Nmap XML file to find all open ports with SSH services
  2. Extracts the SSH banner information from the service detection
  3. Uses regex patterns to identify the distribution and package version
  4. Maps package versions to OS releases (e.g., 2ubuntu2 → Ubuntu 14.04)
  5. Queries the endoflife.date API to check if the version is EOL
  6. Displays color-coded results with EOL status

License

This project is licensed under the BSD 3-Clause License - see the LICENSE file for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Acknowledgments

About

Nmap SSH Banner EOL Checker - Identifies Ubuntu and Debian versions from SSH banners and checks their EOL status

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages