Hey Mark, I've had problems like that before too, though not with all
unix/linux systems.
Ultimately what we ended up doing was using public key authentication
instead, which works fine. Go figure.
--------
Jeff Mercer - CISO - Security Vulnerability Assessments
________________________________
From: [email protected]
[mailto:[email protected]] On Behalf Of Lambert, Mark
Sent: Tuesday, January 27, 2009 3:04 PM
To: [email protected]
Subject: Scanning Linux box with Credentials
All,
I have having a problem with SSH credentials on an internal
Linux box I'm trying to scan. The box I'm scanning is a RedHat box and I
can manually SSH with any SSH2 client to it.
I supply the credentials and I get logged in just fine. BUT.....
When I configure the settings below in my nessus rules file,
-SSH settings[entry]:SSH user name : = XYZ
-SSH settings[entry]:Preferred SSH port : = 22
-SSH settings[password]:SSH password (unsafe!) : = XYZPassword
I get the response below:
The local security checks are disabled. Description: The
credentials provided for the scan did not allow us to log into the
remote host, or the remote operating system is not supported. Risk
factor : None Plugin output : It was not possible to log into the remote
host via ssh
Am I missing some dependencies somewhere in the rules file?
Just for grins also, I have turned on ALL plugins. I know that is not
desirable, but I was trying anything to get it to log in properly.
Sincerely,
Mark
______________________________________________________________________
For information pertaining to Willis' email confidentiality and
monitoring policy, usage restrictions, or for specific company
registration and regulatory status information, please visit
http://www.willis.com/email_trailer.aspx
______________________________________________________________________
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
