My local machine is hosting a Kali VM. I am trying to run local security tests using the VM's OpenVAS 7 on a server running Ubuntu 12.04.5.
When I run SSH Authorization Test I get the following result: "It was not possible to login using the provided SSH credentials. Hence authenticated checks are not enabled."
On the target server, the following is logged to /var/log/auth.log
when this happens:
Dec 14 18:46:38 localhost sshd[9420]: Received disconnect from ***.***.***.***: 11: Bye Bye [preauth]
- On the Kali VM, nothing is output to any log files in
/var/log/openvas
when this occurs. - I've verified that the OpenVAS task is using the correct private and public keys.
- I've verified that the passphrase was typed correctly.
- I've successfully manually SSHed into the target server from the Kali VM using the same login and private key.
The manual SSH is logged to /var/log/auth.log
as I would expect:
Dec 14 18:39:21 localhost sshd[8965]: Accepted publickey for openvas from ***.***.***.*** port 32774 ssh2
Dec 14 18:39:21 localhost sshd[8965]: pam_unix(sshd:session): session opened for user openvas by (uid=0)
Dec 14 18:39:25 localhost sshd[9068]: Received disconnect from ***.***.***.***: 11: disconnected by user
UPDATE: I've also added logging to SSH Authorization Test (which on my machine was located at /var/lib/openvas/plugin/
in ssh_authorization_init.nasl
and ssh_authorization.nasl
) which verified that the passphrase, keys, and login name were both entered and retrieved correctly.