In this tutorial, I am going to teach you how to crack an SSH password. In addition, I’ll show you how to find a computer running an SSH service by performing a network scan with Nmap. I created this tutorial on my Kali Linux machine; however this tutorial is for BackTrack 5 users also.
Because this is a brute force attack, you’ll need a wordlist. If you don’t have a wordlist or you don’t know how to create one, refer to one of the following tutorials:
How To: Create A Wordlist With Crunch
How To: Password Profiling With CUPP
Note: It is illegal to perform this attack on any SSH server that doesn’t belong to you. The information presented in this tutorial is for educational purposes only.