when JDisc Discovery connects via secure shell (SSH) to a device then the device’s SSH agent returns its remote identification string – even if the access credentials do not match. The remote identification string usually contains the vendor or the SSH service on the device and its version. In the past, JDisc Discovery was ignoring this information. Now we capture this information and store the identifier within our database. That enables users to get an overview over their SSH agents used on the devices and to check for SSH vulnerabilities within your network.
A new report in Software > Security > SSH Remote Identifier lists all identifiers together with the number of devices.
Figure: SSH Remote Identifier Report
The report explains, that we are still using openSSH 5.3 on 4 devices. If you check the OpenSSH security page, then you can see that there exist multiple vulnerabilities for this version.
Hope you like this new feature (coming in build 4023).