You are heresecurity
I had a project this week to audit 50 Linux/Unix systems, so after making some improvements to the scripts I re-wrote the documention for my auditing scripts: see http://sean.boran.com/audit
It was required to also check SSH private key files and list those that had no passphrases. A search of the net found two solutions, when were added to the audit SVN respository above.
This is a collection of command line security auditing scripts for Linux/Unix.
Originally by Sean Boran in 2000, with a few improvements over the years.
Auditing the security of an existing Solaris system can be time-consuming, and often requires on-site visits. There are several commercial tools and a few free ones that help, but they can be complicated and require local compilation or configuration.
So a tool was developed with the following aims:
The need: How can firewall port rules be verified? There are scanning tools available, but they are slow and noisy.
The OpenSource tool ‘fester’, by Andrea Barisani at Inversepath, seems up to the task: