Mailing List Archive

Lambert, Mark wrote:
> All,
> I have having a problem with SSH credentials on an internal Linux
> box I'm trying to scan. The box I'm scanning is a RedHat box and I can
> manually SSH with any SSH2 client to it.
> I supply the credentials and I get logged in just fine. BUT..... When I
> configure the settings below in my nessus rules file,
>
> -SSH settings[entry]:SSH user name : = XYZ
> -SSH settings[entry]:Preferred SSH port : = 22
> -SSH settings[password]:SSH password (unsafe!) : = XYZPassword
>
> I get the response below:
>
> The local security checks are disabled. Description: The credentials
> provided for the scan did not allow us to log into the remote host, or
> the remote operating system is not supported. Risk factor : None Plugin
> output : It was not possible to log into the remote host via ssh
>
> Am I missing some dependencies somewhere in the rules file? Just for
> grins also, I have turned on ALL plugins. I know that is not desirable,
> but I was trying anything to get it to log in properly.
>
> Sincerely,
> Mark

Hi Mark,

Could you check the ssh logs on the system you are trying to connect to
while your Nessus scan is running? Or better yet, put sshd into debug
mode and see what it says about your login from Nessus.

Ron Gula, CTO
Tenable Network Security


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

Hey Mark, I've had problems like that before too, though not with all
unix/linux systems.

Ultimately what we ended up doing was using public key authentication
instead, which works fine. Go figure.


--------
Jeff Mercer - CISO - Security Vulnerability Assessments





________________________________

From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Lambert, Mark
Sent: Tuesday, January 27, 2009 3:04 PM
To: nessus@list.nessus.org
Subject: Scanning Linux box with Credentials


All,
I have having a problem with SSH credentials on an internal
Linux box I'm trying to scan. The box I'm scanning is a RedHat box and I
can manually SSH with any SSH2 client to it.
I supply the credentials and I get logged in just fine. BUT.....
When I configure the settings below in my nessus rules file,

-SSH settings[entry]:SSH user name : = XYZ
-SSH settings[entry]:Preferred SSH port : = 22
-SSH settings[password]:SSH password (unsafe!) : = XYZPassword

I get the response below:

The local security checks are disabled. Description: The
credentials provided for the scan did not allow us to log into the
remote host, or the remote operating system is not supported. Risk
factor : None Plugin output : It was not possible to log into the remote
host via ssh

Am I missing some dependencies somewhere in the rules file?
Just for grins also, I have turned on ALL plugins. I know that is not
desirable, but I was trying anything to get it to log in properly.

Sincerely,
Mark






______________________________________________________________________

For information pertaining to Willis' email confidentiality and
monitoring policy, usage restrictions, or for specific company
registration and regulatory status information, please visit
http://www.willis.com/email_trailer.aspx

______________________________________________________________________