Need more details about Nessus to perform local security checks on top of SSH

Tom Lapp tmlapp at gmail.com
Sat Jan 29 12:07:32 EST 2005 

I am recieving the following error when scanning a gentoo box with
GLSA plugins.  I'm not sure what I am missing.  I have
gentoolkit-0.2.0_pre8-r1 installed.

Not launching gentoo_GLSA-200409-02.nasl against xx.xx.xx.xx because
the key Host/Gentoo/qpkg-list is missing (this is not an error)

Can anyone point me in the right direction.

Thanks

tom



On Fri, 28 Jan 2005 09:24:58 -0500, Nicolas Pouvesle
<npouvesle at tenablesecurity.com> wrote:
> Could you switch log verbosity to "Verbose" in Global variable settings.
> ssh_get_info.nasl should give the reason why the login has failed in
> verbose mode.
> 
> Nicolas
> 
> cxiangl wrote:
> > I did every steps according to the article: Using Nessus to perform local security checks on top of SSH.htm. But it didn't work.
> > The Nessusd running machine's IP is 192.168.1.6, the target's IP is 192.168.1.8.
> > First: in 192.168.1.6
> > su nessus
> > ssh-keygen -t dsa
> > It will generate the keys: id_dsa and id_dsa.pub in /home/nessus/.ssh
> > Second: in 192.168.1.8
> > add a user named nessus, and set the nessus's password * use vipw. copy the id_dsa.pub from 192.168.1.6 to the 192.168.1.8 directory:/home/nessus/.ssh/authorized_keys2. Indeed when I failed I tried other names like:authorized_keys and authorized_keys21
> > Last: set the ssh's setting like username: nessus, public key /home/nessus/.ssh/id_dsa.pub, private key: /home/nessus/.ssh/id_dsa. etc. in client nessus.
> > When I scan 192.168.1.6, it seems work, I can see some information like: enable local security check in result. But to 192.168.1.8, it seems that the plugin ssh_get_info.nasl didn't work. can't see any information in result about local security check.
> > I use command:
> > ssh -l nessus 192.168.1.8
> > in 192.168.1.6. It will succeed without need any password, seems the dsa public key is working.
> > So I'm confused. Is there anyone could give me more details about this? Any problems in my steps?
> > Any suggestions will be appreciated.
> > The OS is Redhat 9, nessus version is 2.2.2a
> >
> > 
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Nessus mailing list
> > Nessus at list.nessus.org
> > http://mail.nessus.org/mailman/listinfo/nessus
> 
> _______________________________________________
> Nessus mailing list
> Nessus at list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus
>

More information about the Nessus mailing list