Hi Roch,
On Jun 7, 2007, at 12:14 PM, Roch wrote:
Hi,
When verifying ssh login credentials to a Redhat ES 4.0 system I am
getting:
Unknown function 'aes_cbc_encrypt' (ssh_test.nasl, line 576)
Unknown function 'tripledes_cbc_encrypt' (ssh_test.nasl, line 578)
Unknown function 'aes_cbc_encrypt' (ssh_test.nasl, line 576)
Unknown function 'tripledes_cbc_encrypt' (ssh_test.nasl, line 578)
Unknown function 'aes_cbc_decrypt' (ssh_test.nasl, line 596)
Unknown function 'tripledes_cbc_decrypt' (ssh_test.nasl, line 598)
Unknown function 'aes_cbc_decrypt' (ssh_test.nasl, line 596)
Unknown function 'tripledes_cbc_decrypt' (ssh_test.nasl, line 598)
After running nasl -X -t ip.of.host. ssh_test.nasl
Turns out it is trying to log in using blowfish-cbc encryption as it
doesn't recognise the others. Has something changed in ssh_func.inc?
These warnings are harmless and only occur when in command-line mode.
Currently, Nessus 2.x and 3.0 only support blowfish-cbc encryption.
In Nessus 3.1.x we've added support for AES and 3DES and we modified
ssh_func.inc to account for that.
Given how the script is written, it still works well with Nessus 2.x
and 3.0.x and in Nessus 3.1.x it has the ability to also negotiate
AES and 3DES.
-- Renaud
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
