SSHOW(8) System Manager's Manual SSHOW(8)

sshow - SSH traffic analysis tool

sshow [-d] [-i interface | -p pcapfile] [expression]

sshow analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths.

The following advisory describes the attacks implemented by sshow in detail:

Enable verbose debugging output.
Specify the interface to listen on.
Process packets from the specified PCAP capture file instead of the network.
Specify a tcpdump(8) filter expression to select traffic to sniff.

dsniff(8), sshmitm(8)

Solar Designer <>
Dug Song <>