[Openvas-devel] [openvas-Bugs][971] Openvas is unabled to login with ssh key

openvas-bugs@wald.intevation.org openvas-bugs at wald.intevation.org
Sun Apr 19 17:09:15 CEST 2009

Bugs item #971, was opened at 19/04/2009 15:09
Status: Open
Priority: 3
Submitted By: Andrea Briganti (kbyte)
Assigned to: Nobody (None)
Summary: Openvas is unabled to login with ssh key 
Resolution: None
Severity: major
Version: v2.0.3
Component: openvas-server
Operating System: Linux
Product: OpenVAS
Hardware: None

Initial Comment:
Openvas is unable to perform any local check with ssh login because it fails to use the login key.

The openvasd.messages files reports these errors:

user kbyte : launching gather-package-list.nasl against [3181]
shared_socket: Secret/SSH/socket is unknown
process_internal_msg for gather-package-list.nasl returned -1
gather-package-list.nasl (process 3181) finished its job in 1.416 seconds
user kbyte : Not launching deb_174_1.nasl against because the key ssh/login/packages is missing (this is not an error)

The concurrent checks value is set to 1.

In the auth.log of target server I read:

error: ssh_rsa_verify: len 257 > modlen 256
error: RSA_public_decrypt failed: error:0407006A:lib(4):func(112):reason(106)

The ssl error 0407006A is:

error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01

I tried to use the LSC Credential Manger and to create manually a ssh + p8 key and I'm able to login into server manually with generated keys.

The openvas releases tested are the lastest stable and the source from the svn.

The target system is a debian lenny server.


You can respond by visiting: 

More information about the Openvas-devel mailing list