You should study your os a bit, to at least get ssh login information to logs.
If I remember correctly, it's located in /var/log/secure (centos) and at least is should be default on many os versions. -- Eero 2015-09-17 23:57 GMT+03:00 Walter York <[email protected]>: > Apologies for my ignorance... > > I have updated /etc/ssh/sshd_config > SyslogFacility AUTHPRIV > LogLevel VERBOSE > > service sshd restart > > > I don't have: /var/log/auth.log > > the following do not appear to contain any extra detail than before... > /var/log/messages > /var/log/audit.log > > How and where do I enable the type of auditing you are looking for... > please assume that I am an imbecile with your instructions... > > > > ------------------------------ > Date: Thu, 17 Sep 2015 23:20:28 +0300 > > Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) > Centos Box > From: [email protected] > To: [email protected] > CC: [email protected] > > Hard to say, as you are not showing any relevant logs of this issue. > > You should enable enought log level of scanned box on sshd and provide > relevant output .. > > Eero > > 2015-09-17 23:17 GMT+03:00 Walter York <[email protected]>: > > I "could" go through the time to create a centos 7 OpenVAS box but that > would take away from the ease of having a single VM (Kali 2) to perform all > of my testing activities. Is there some known issue that openvas 7 won't > authenticate to certain servers via SSH that would necessitate a version > upgrade? > > Something of interest in the target log is: op=login acct="(unknown)". > Yet I have properly entered the root account as the login within OpenVAS. > I must stress that I am able to use Putty on the same openvas box to > successfully connect. > > > > > ------------------------------ > Date: Thu, 17 Sep 2015 23:05:08 +0300 > > Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) > Centos Box > From: [email protected] > To: [email protected] > CC: [email protected] > > well, so it's using openvas 7. You should try centos 7 for scanning box > and install openvas 8 from atomic corp repo. > > -- > Eero > > 2015-09-17 22:57 GMT+03:00 Walter York <[email protected]>: > > selinux does not appear to be installed on the openvas box... this is Kali > v2 > > root@test02:~# getenforce > bash: getenforce: command not found > root@test02:~# cat /etc/sysconfig/selinux > cat: /etc/sysconfig/selinux: No such file or directory > root@test02:~# > > dpkg -l > > ii sctpscan 0.1-1kali1 amd64 SCTP network scanner for > discover > ii sed 4.2.2-4+b1 amd64 The GNU sed stream editor > ii sendemail 1.56-5 all lightweight, command line > SMTP em > > > > ------------------------------ > Date: Thu, 17 Sep 2015 22:37:57 +0300 > Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) > Centos Box > From: [email protected] > To: [email protected] > CC: [email protected] > > Is selinux disabled on openvas box? > > Eero > 17.9.2015 10.27 ip. "Walter York" <[email protected]> kirjoitti: > > I am trying to use OpenVAS to perform a vulnerability scan against a WHM > (CPanel) VPS box. I am unable to get OpenVAS to connect to it either by > username/password or certificate/password. However, on the same OpenVAS > box, I can use putty to connect either way. I have disabled ConfigServer > Security & Firewall and ModSEC. > > Here is output from /var/log/audit/audit.log on the target box... > type=USER_LOGIN msg=audit(1442515160.849:6594): pid=31916 uid=0 > auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 > msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? > addr=75.*.*.* terminal=ssh res=failed' > > I can use Putty on the same OpenVAS box and connect to my target using the > same credential and password or certificate and password with no problems. > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
