Hey Mark, I've had problems like that before too, though not with all unix/linux systems. Ultimately what we ended up doing was using public key authentication instead, which works fine. Go figure.
-------- Jeff Mercer - CISO - Security Vulnerability Assessments ________________________________ From: nessus-boun...@list.nessus.org [mailto:nessus-boun...@list.nessus.org] On Behalf Of Lambert, Mark Sent: Tuesday, January 27, 2009 3:04 PM To: nessus@list.nessus.org Subject: Scanning Linux box with Credentials All, I have having a problem with SSH credentials on an internal Linux box I'm trying to scan. The box I'm scanning is a RedHat box and I can manually SSH with any SSH2 client to it. I supply the credentials and I get logged in just fine. BUT..... When I configure the settings below in my nessus rules file, -SSH settings[entry]:SSH user name : = XYZ -SSH settings[entry]:Preferred SSH port : = 22 -SSH settings[password]:SSH password (unsafe!) : = XYZPassword I get the response below: The local security checks are disabled. Description: The credentials provided for the scan did not allow us to log into the remote host, or the remote operating system is not supported. Risk factor : None Plugin output : It was not possible to log into the remote host via ssh Am I missing some dependencies somewhere in the rules file? Just for grins also, I have turned on ALL plugins. I know that is not desirable, but I was trying anything to get it to log in properly. Sincerely, Mark ______________________________________________________________________ For information pertaining to Willis' email confidentiality and monitoring policy, usage restrictions, or for specific company registration and regulatory status information, please visit http://www.willis.com/email_trailer.aspx ______________________________________________________________________
_______________________________________________ Nessus mailing list Nessus@list.nessus.org http://mail.nessus.org/mailman/listinfo/nessus