Hi there,
I'm trying to do an authenticated scan to an SSH debian server with a
private key. When I use the private key by myself, it works perfectly
but when using OpenVAS, the connection fails.
I've attached extract from the server logs that shows that the SSH client
(OpenVAS) closes the connection when the server expects and another extract
that shows the successful manual connection.
Could anyone point me to the right direction to debug this problem ?
Thanks
--
Ghislain Lévêque | R&D
Phone. +33(0)5.82.95.51.15 <tel:%2B33%280%295.82.95.51.15> | Email.
[email protected] <mailto:[email protected]>
www.itrust.fr <https://www.itrust.fr/> | IT Security Experts (Services &
Solutions)| Keep Information Security Simple
This message (and any attachments) is confidential and is intended for
the sole use of the person or entity to whom it is addressed
<https://twitter.com/ITrust_France><https://fr.linkedin.com/in/ghislainleveque>
Jan 11 10:34:39 webapps-01 sshd[1960]: debug1: Forked child 27645.
Jan 11 10:34:39 webapps-01 sshd[27645]: Set /proc/self/oom_score_adj to 0
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: rexec start in 5 out 5 newsock
5 pipe 10 sock 11
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: inetd sockets after dupping: 3,
3
Jan 11 10:34:39 webapps-01 sshd[27645]: Connection from 141.0.205.28 port 12322
on 217.182.93.181 port 22
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: Client protocol version 2.0;
client software version OpenSSH-keyscan
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: match: OpenSSH-keyscan pat
OpenSSH* compat 0x04000000
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: Enabling compatibility mode for
protocol 2.0
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: Local version string
SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u4
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: permanently_set_uid: 107/65534
[preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: list_hostkey_types:
ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: SSH2_MSG_KEXINIT received
[preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: kex: client->server aes128-ctr
[email protected] none [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: kex: server->client aes128-ctr
[email protected] none [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST
received [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
[preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: expecting
SSH2_MSG_KEX_DH_GEX_INIT [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
[preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: expecting SSH2_MSG_NEWKEYS
[preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: Connection closed by 141.0.205.28
[preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: do_cleanup [preauth]
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: monitor_read_log: child log fd
closed
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: do_cleanup
Jan 11 10:34:39 webapps-01 sshd[27645]: debug1: Killing privsep child 27646
Jan 11 17:04:33 webapps-01 sshd[1960]: debug1: Forked child 6148.
Jan 11 17:04:33 webapps-01 sshd[6148]: Set /proc/self/oom_score_adj to 0
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: rexec start in 5 out 5 newsock 5
pipe 7 sock 8
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: inetd sockets after dupping: 3, 3
Jan 11 17:04:33 webapps-01 sshd[6148]: Connection from 141.0.205.28 port 6097
on 217.182.93.181 port 22
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: Client protocol version 2.0;
client software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: match: OpenSSH_6.6.1p1
Ubuntu-2ubuntu2.8 pat OpenSSH_6.6.1* compat 0x04000000
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: Enabling compatibility mode for
protocol 2.0
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: Local version string
SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u4
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: permanently_set_uid: 107/65534
[preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: list_hostkey_types:
ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: SSH2_MSG_KEXINIT received
[preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: kex: client->server aes128-ctr
[email protected] none [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: kex: server->client aes128-ctr
[email protected] none [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST
received [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
[preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: expecting
SSH2_MSG_KEX_DH_GEX_INIT [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
[preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: expecting SSH2_MSG_NEWKEYS
[preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: SSH2_MSG_NEWKEYS received
[preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: KEX done [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: userauth-request for user debian
service ssh-connection method none [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: attempt 0 failures 0 [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: PAM: initializing for "debian"
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: PAM: setting PAM_RHOST to
"141.0.205.28"
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: PAM: setting PAM_TTY to "ssh"
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: userauth-request for user debian
service ssh-connection method publickey [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: attempt 1 failures 0 [preauth]
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: temporarily_use_uid: 1000/1000
(e=0/0)
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: trying public key file
/home/debian/.ssh/authorized_keys
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: fd 4 clearing O_NONBLOCK
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: matching key found: file
/home/debian/.ssh/authorized_keys, line 2 RSA
b6:30:36:60:50:0d:c8:a9:ad:3d:b8:41:22:7d:f4:ef
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: restore_uid: 0/0
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: do_pam_account: called
Jan 11 17:04:33 webapps-01 sshd[6148]: Accepted publickey for debian from
141.0.205.28 port 6097 ssh2: RSA b6:30:36:60:50:0d:c8:a9:ad:3d:b8:41:22:7d:f4:ef
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: monitor_child_preauth: debian
has been authenticated by privileged process
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: monitor_read_log: child log fd
closed
Jan 11 17:04:33 webapps-01 sshd[6148]: debug1: PAM: establishing credentials
Jan 11 17:04:33 webapps-01 sshd[6148]: pam_unix(sshd:session): session opened
for user debian by (uid=0)
Jan 11 17:04:34 webapps-01 sshd[6148]: User child is on pid 6196
Jan 11 17:04:34 webapps-01 sshd[6148]: debug1: session_new: session 0
Jan 11 17:04:34 webapps-01 sshd[6148]: debug1: SELinux support disabled
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
