1

My local machine is hosting a Kali VM. I am trying to run local security tests using the VM's OpenVAS 7 on a server running Ubuntu 12.04.5.

When I run SSH Authorization Test I get the following result: "It was not possible to login using the provided SSH credentials. Hence authenticated checks are not enabled."

On the target server, the following is logged to /var/log/auth.log when this happens:

Dec 14 18:46:38 localhost sshd[9420]: Received disconnect from ***.***.***.***: 11: Bye Bye [preauth]
  • On the Kali VM, nothing is output to any log files in /var/log/openvas when this occurs.
  • I've verified that the OpenVAS task is using the correct private and public keys.
  • I've verified that the passphrase was typed correctly.
  • I've successfully manually SSHed into the target server from the Kali VM using the same login and private key.

The manual SSH is logged to /var/log/auth.log as I would expect:

Dec 14 18:39:21 localhost sshd[8965]: Accepted publickey for openvas from ***.***.***.*** port 32774 ssh2
Dec 14 18:39:21 localhost sshd[8965]: pam_unix(sshd:session): session opened for user openvas by (uid=0)
Dec 14 18:39:25 localhost sshd[9068]: Received disconnect from ***.***.***.***: 11: disconnected by user

UPDATE: I've also added logging to SSH Authorization Test (which on my machine was located at /var/lib/openvas/plugin/ in ssh_authorization_init.nasl and ssh_authorization.nasl) which verified that the passphrase, keys, and login name were both entered and retrieved correctly.

1 Answers1

1

This was a bug in OpenVAS. It was fixed and backported into OpenVAS 7 some time ago: http://lists.wald.intevation.org/pipermail/openvas-discuss/2015-February/007422.html