Hello Francesco,
On Friday 09 April 2010 16:16:37 Vincenti Francesco wrote:
> I started to test my OpenVAS tool (2.x.x), installed on a Fedora C7 OS,
> and I tried to activate the Local Security Checks to analyze the
> features it offers.
I recommend to switch to OpenVAS 3.0 in general.
However, the LSCs should work for both 2.0 and 3.0.
> I built a scope with Fedora Local Security Checks plugins and others
> activated, to analyze localhost (the host where server and client are
> installed).
Have you enable dependencies at runtime?
> I put the data suggested by documentation under "Credentials" section
> and I started the scope not as root but as a normal user.
You mean the scanner is running as normal user?
Or do you mean the remote user on the target system?
However, LSCs sould work nicely even via less privileged users.
> So, I thought the SSH publickey connection worked well!
yes, looks OK.
> But, when I analyzed /var/log/secure, I found the following message:
>
>
>
> Apr 9 11:00:06 hostname sshd[8518]: Did not receive identification
> string from 127.0.0.1
>
> Apr 9 11:00:09 hostname sshd[8529]: Accepted publickey for sshovas from
> 127.0.0.1 port 11262 ssh2
>
> Apr 9 11:00:09 hostname sshd[8529]: pam_unix(sshd:session): session
> opened for user sshovas by (uid=0)
>
> Apr 9 11:00:12 hostname sshd[8570]: Invalid user openvas from 127.0.0.1
>
> Apr 9 11:00:12 hostname sshd[8573]: input_userauth_request: invalid
> user openvas
Can you check you did not mix users "sshovas" and "openvas" in some way?
> After other tests, i verified that the error sequence regarding user
> openvas in /var/log/secure appears also without executing Local Security
> Checks plugins.
This observation is OK.
The actual LSCs only do checks on the KB without connecting a target system.
Its the other scripts that do active connection to the target system and
retrieve
package dabase etc.
All the best
Jan
--
Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück
AG Osnabrück, HR B 202460 | Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver
Wagner
_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss