> Did you build openvas(-libraries) with optimization flags (e.g. -O2)? If so, > please try again without optimization. There is a related bug, but afair the > outcome was different. Still, might be worth a try.
I build openvas-libraries however the openvas-packaging was configured to build them, which was with -O2. I patched debian/rules and rebuild openvas-libraries and openvas-scanner. No luck, looks like all the logs entries are the same. >> no extended credentials makes me wonder. > > Hehe. We discussed it yesterday and changed the message. The change was done > to make people wonder less. Ignore that message. Okay. Looking at other bits of log files, things that look a little fishy are the "process_internal_msg for gather-package-list.nasl returned -1" from openvassd's log, and the report's comment about how it I only support publickey auth, and not passwords. If I configure ssh to accept passwords, and set my target user's password to the string in tasks.db, ssh logs the connection attempt as failed password auth, and the scan report changed to "failed auth" It feels like the ssh auth stuff is broken? As far as I can tell ssh is implemented by the nasl files, and I can see there's stuff there for publickey auth, but I can't really make much of it. Suggestions? Other debugging paths? seph _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
