Sorry to interrupt you. First thank you for answer my question "Can't use auth by password in SSLv2". It's ok now.
Now, another question. :) I did every steps according to the article: Using Nessus to perform local security checks on top of SSH.htm. But it didn't work. The Nessusd running machine's IP is 192.168.1.6, the target's IP is 192.168.1.8. First: in 192.168.1.6 su nessus ssh-keygen -t dsa It generated the pair keys: id_dsa and id_dsa.pub in directory /home/nessus/.ssh Second: in 192.168.1.8 add a user named nessus, and set the nessus's password '*' use vipw. copy the id_dsa.pub from 192.168.1.6 to the 192.168.1.8 directory:/home/nessus/.ssh/authorized_keys2. Indeed when I failed I tried other names like:authorized_keys and authorized_keys21 Last: set the ssh's setting like: username: nessus public key: /home/nessus/.ssh/id_dsa.pub private key: /home/nessus/.ssh/id_dsa. etc. in client nessus. When I scan 192.168.1.6, it seems work, I can see some information like: enable local security check in result. But to 192.168.1.8, it seems that the plugin ssh_get_info.nasl didn't work because I can't see any information in result about local security check. I use command: ssh -l nessus 192.168.1.8 in 192.168.1.6. It will succeed login without need any password, seems the dsa public key is working. So I'm confused. Could you be kind to give me more details about this? Any problems in my steps? Any suggestions will be appreciated. Thanks. The OS is Redhat 9, nessus version is 2.2.2a ______________________________________ ע������������䣬����2G�ռ䣡�� http://mail.sina.com.cn/chooseMode.html �� =================================================================== ��HP����̨ʽ������Ӯ�������ٷְ٣� (http://ad4.sina.com.cn/wx/ads/hpzhuiyu117.html) _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
