Can't perform local security check

Nicolas Pouvesle npouvesle at tenablesecurity.com
Sun Jan 30 09:40:49 EST 2005 

It seems you allready posted this question (see thread : Need more 
details about Nessus to perform local security checks on top of SSH).
And my answer was :

Could you switch log verbosity to "Verbose" in Global variable settings.
ssh_get_info.nasl should give the reason why the login has failed in 
verbose mode.

...


Nicolas


whongj wrote:
> Sorry to interrupt you. First thank you for answer my question "Can't use auth by password in SSLv2". It's ok now.
> 
> Now, another question. :) 
> I did every steps according to the article: Using Nessus to perform local security checks on top of SSH.htm. But it didn't work. 
> The Nessusd running machine's IP is 192.168.1.6, the target's IP is 192.168.1.8. 
> First: in 192.168.1.6
> su nessus
> ssh-keygen -t dsa
> It generated the pair keys: id_dsa and id_dsa.pub in directory /home/nessus/.ssh
> Second: in 192.168.1.8
> add a user named nessus, and set the nessus's password '*' use vipw. copy the id_dsa.pub from 192.168.1.6 to the 192.168.1.8 directory:/home/nessus/.ssh/authorized_keys2. Indeed when I failed I tried other names like:authorized_keys and authorized_keys21
> Last: set the ssh's setting like:
>  username: nessus
>  public key: /home/nessus/.ssh/id_dsa.pub
>  private key: /home/nessus/.ssh/id_dsa. etc. in client nessus. 
> When I scan 192.168.1.6, it seems work, I can see some information like: enable local security check in result. But to 192.168.1.8, it seems that the plugin ssh_get_info.nasl didn't work because I can't see any information in result about local security check.
> I use command: 
> ssh -l nessus 192.168.1.8
> in 192.168.1.6. It will succeed login without need any password, seems the dsa public key is working.
> So I'm confused. Could you be kind to give me more details about this? Any problems in my steps?
> Any suggestions will be appreciated. Thanks.
> The OS is Redhat 9, nessus version is 2.2.2a
> 
> ______________________________________
> 
> ×¢²áÐÂÀËÃâ·ÑÓÊÏ䣬¼¤»î2G¿Õ¼ä£¡£¨ http://mail.sina.com.cn/chooseMode.html £©
> 
> ===================================================================
> ÂòHPÉÌÓĄ̃ʽ»ú£¬¾ÍÓ®ÐÂÄêºÃÀñ°Ù·Ö°Ù£¡ (http://ad4.sina.com.cn/wx/ads/hpzhuiyu117.html)
> _______________________________________________
> Nessus mailing list
> Nessus at list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus

More information about the Nessus mailing list