[Openvas-discuss] local account used for scans

Brian Thompson bthompson at wyetechllc.com
Wed Jul 1 17:39:22 CEST 2015


It says:

"It was not possible to login using the provided SSH credentials.

Hence authenticated checks are not enabled."


I've got my system locked down fairly tight so as a test, I added the local
account I created (openvas) to the sudoers file so that it can sudo (passwd
required), I am now able to get the more complete results and "SSH Authorization
Check" reports a successful login attempt.  (NOTE: In case it matters, I'm
running OpenVAS v8 on CentOS v6.4.)


Brian

> 
>     On July 1, 2015 at 11:03 AM M"It was not possible to login using the
> provided SSH credentialsichael Meyer <michael.meyer at greenbone.net> wrote:
> 
> 
>     *** Brian Thompson wrote:
> 
>     > Is sudo required for the account? My personal account has the ability to
>     > do
>     > sudo commands but the account I created does not.
> 
>     No.
> 
>     Look in the report for "SSH Authorization Check (
>     1.3.6.1.4.1.25623.1.0.90022)" and "Determine OS and list of installed
>     packages via SSH login (1.3.6.1.4.1.25623.1.0.50282)".
> 
>     What did they report?
> 
>     Micha
> 
>     --
>     Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6
>     http://www.greenbone.net/
>     Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
>     Osnabrück, HR B 202460
>     Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
>     _______________________________________________
>     Openvas-discuss mailing list
>     Openvas-discuss at wald.intevation.org
>     https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20150701/07d83d52/attachment.html>


More information about the Openvas-discuss mailing list