Renaud,
Problem solved but still a mystery! Both key authentication and
password-based authentication now work just fine. The key authentication was a
normal one made with "ssh-keygen -t dsa". I then dropped the ".pub"
key on the target machine in the scan account's .ssh directory. At
first that didn't work any better than username/password. On these
some 70 odd OSX boxes, he is using OpenLDAP services for all the home
directories. Once again I could always "ssh" in every time. I
examined the original secure.log files and noticed that successful
Nessus credential logins occurred when the network DNS server
properly resolved both forward and reverse lookups for the host IP.
The hosts that failed had the reverse DNS lookup broken. It was a
simple misconfiguration on the DNS server. When corrected, I could
Nessus login on every host.
I seem to have fixed the problem but don't know why. I have no other
users using OpenLDAP to host user accounts. A cool thing about this
is I have only one OSX account for scanning with the public key in
its .ssh directory, not ONE per host. Otherwise, I would have to
push that public key to each of 70 hosts. But the DNS reverse lookup
business confuses me.
Ideas?
Ron
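
Added example, not part of the original thread and not Nessus code: a forward-confirmed reverse DNS check to run over a scan target list before a credentialed scan, flagging hosts whose PTR record is missing or does not map back to the same address. The zone data, host names and addresses are constructed, and the helper names are hypothetical; it handles IPv4 only.

```python
import socket

def table_resolver(table):
    """Build a lookup function over a dict; a missing key raises OSError,
    the base class of the errors the socket resolver calls raise."""
    def lookup(key):
        if key not in table:
            raise OSError(f"no record for {key}")
        return table[key]
    return lookup

def check_fcrdns(ip, reverse=None, forward=None):
    """Return (status, detail) for one IPv4 scan target."""
    # Default to the system resolver; injectable for offline checks.
    reverse = reverse or (lambda a: socket.gethostbyaddr(a)[0])
    forward = forward or (lambda n: socket.gethostbyname_ex(n)[2])
    try:
        name = reverse(ip)                  # PTR lookup
    except OSError as exc:
        return "NO_PTR", str(exc)
    try:
        addrs = forward(name)               # A lookup on the PTR name
    except OSError as exc:
        return "NO_FORWARD", f"{name}: {exc}"
    if ip not in addrs:
        return "MISMATCH", f"{name} -> {sorted(addrs)}"
    return "OK", name

def audit(targets, reverse=None, forward=None):
    """Map each target IP to its (status, detail) pair."""
    return {ip: check_fcrdns(ip, reverse, forward) for ip in targets}

# Constructed sample zone data (documentation addresses, hypothetical names).
SAMPLE_PTR = {"192.0.2.10": "mac01.example.test",
              "192.0.2.12": "mac03.example.test",
              "192.0.2.13": "mac04.example.test"}
SAMPLE_A = {"mac01.example.test": ["192.0.2.10"],
            "mac03.example.test": ["192.0.2.99"]}
SAMPLE_TARGETS = ["192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.13"]

def audit_sample():
    return audit(SAMPLE_TARGETS, table_resolver(SAMPLE_PTR),
                 table_resolver(SAMPLE_A))

if __name__ == "__main__":
    for ip, (status, detail) in audit_sample().items():
        print(f"{ip:15} {status:10} {detail}")
```

Calling `audit()` with only a list of addresses uses the system resolver of the host it runs on, so run it from the scanner host to see what that host's DNS returns.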
------------------------------------------------------------------------
Hi Ron,
We cannot reproduce your problem here (tested against 10.5.5 with
both password authentication and public key authentication).
Are you doing a key authentication or a password-based one? If it's a
public key authentication, I'd be interested in seeing the format of
the public key you're using (you can send it to me privately).
Thanks,
-- Renaud
On Nov 6, 2008, at 12:07 AM, Ron wrote:
> I am supporting a sysadmin with 70 OSX workstations and servers. I
> have installed Nessus 3.2.1 client and server on the admin host. I
> can reliably perform a Local Security Check on some OSX boxes and
> not others. They are all either Tiger (10.4.11) or Leopard
> (10.5.5). I have tried both SSH username/passwords and public/
> private keys authentication with identical results. In addition, I
> can always connect with "ssh" directly with either username/password
> and Pub/private keys.
>
> Even though my "ssh/sshd" is current (OpenSSH 5.1), possibly Nessus
> itself is using its own "ssh" client internal to Nessus itself.
> Maybe there is a problem there.
>
> I think I have followed the "Nessus Credential Checks for Unix and
> Windows" exactly. But obviously something is wrong. I'm open to
> any ideas.
>
> Thanks
>
> Ron
> backvan at mac.com
_______________________________________________
Nessus mailing list
http://mail.nessus.org/mailman/listinfo/nessus