[Openvas-discuss] Debian Local security checks
storm16 at gmail.com
Tue Mar 8 19:43:06 CET 2011
I'm running OpenVAS 3 (libopenvas3 3.0.4-2, openvas-client 2.0.5-1,
openvas-scanner 3.0.2-4) on a Debian/sid box, attempting to scan another sid
box, but I am having problems getting the local security checks working. I
built an rsa key, and created a .p8 file as noted in the OpenVAS Compendium,
pages 45 and 46. However, I see the following in my scan results:
>From plugin 50282
OpenVAS failed to load SSH private key (RSA)
This script will, if given a userid/password or
key to the remote system, login to that system,
determine the OS it is running, and for supported
systems, extract the list of installed packages/rpms.
>From plugin 90022
It was not possible to login using the SSH crendentials supplied.
Hence local security checks are not enabled.
I am able to log in to the account from the command line, but not using the
.p8 certificate. (Why does openvas use .p8 certs instead of the private key
I have the following enabled:
Debian Local Security Checks -> (all)
General -> Determine OS and list of installed packages
Service Detection -> (all)
Settings -> (all)
Dependencies are enabled at runtime
Under credentials, I have use per-target login information (I have tried
with and without). I have the account name, public key (id_rsa_ovas.pub) and
private key (ovas_rsa.p8) and passphrase.
Why is this not seeing the any ssh credentials?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openvas-discuss