View Issue Details

IDProjectCategoryView StatusLast Update
0002675Kali LinuxKali Package Bugpublic2018-01-29 12:29
Reporterh3ll0 Assigned Tog0tmi1k  
PriorityhighSeverityblockReproducibilityalways
Status closedResolutionsuspended 
Product Version2.0 
Summary0002675: OpenSSH is not able to authenticate via SSH
Description

The fully updated Kali2 version of OpenVAS is not able to authenticate against an OpenSSH v2 only enabled server.

However, creating a CentOS 7 box and installing latest version of OpenVAS works fine out of the box with connecting.

NOTE: Using Putty on Kali2 there are NO PROBLEMS with authenticating to the same SSH target.

Error logs appear as:
Sep 15 17:16:01 bh01 sshd[10035]: Proto­col major versions differ for 75...: SSH-2.0-OpenSSH_6.6.1 vs. SSH-1.33­-OpenVASSSH_1.0
Sep 15 17:16:01 bh01 sshd[10036]: Proto­col major versions differ for 75.
..: SSH-2.0-OpenSSH_6.6.1 vs. SSH-1.5-­OpenVASSSH_1.0
Sep 15 17:16:50 bh01 sshd[10080]: Did n­ot receive identification string from 75­...
Sep 15 17:22:02 bh01 sshd[10381]: Did n­ot receive identification string from 75­.
..

Steps To Reproduce

I downloaded the latest VM version of Kali2 and then ran dist updates. Ran openvas-check-setup and remediated findings till it said it was ok.

Created a custom scan config from General ---> SSH Authorization Check
(Custom created for speed of testing, same issue if you perform default scans)

SSH server has the following pertinent settings...
HostKey /etc/ssh/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key
Ciphers aes256-ctr,aes192-ctr,aes128-ctr,arcfour256
MACs [email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
PermitRootLogin yes
PasswordAuthentication yes
ChallengeResponseAuthentication yes
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
UsePAM yes
UsePrivilegeSeparation sandbox

Additional Information

In summary, using Kali2 repos for OpenVAS, I am unable to SSH to a SSH2 secure box using either credentials or certificate authentication. However, I am able to putty from Kali2 to the SAME target SSH server.

OpenVAS recommended testing with a new instance of CentOS and latest build of OpenVAS which worked out of the box. They wouldn't assist with troubleshooting further as I have a working version now and said it must be an issue with Kali2.

Activities

h3ll0

h3ll0

2015-09-18 20:39

reporter   ~0004014

So sorry, title should be OpenVAS not OpenSSH.

g0tmi1k

g0tmi1k

2018-01-29 12:29

administrator   ~0008125

Due to the age of the OS (Kali Moto [v1], Kali Safi [v2], Kali Rolling 2016.x), these legacy versions are no longer supported.
We will be closing this ticket due to inactivity.

Please could you see if you are able to replicate this issue with the latest version of Kali Linux - https://www.kali.org/downloads/)?

If you are still facing the same problem, feel free to re-open the ticket. If you choose to do this, could you provide more information to the issue you are facing,and also give information about your setup?
For more information, please read: https://kali.training/topic/filing-a-good-bug-report/

Issue History

Date Modified Username Field Change
2015-09-18 20:38 h3ll0 New Issue
2015-09-18 20:39 h3ll0 Note Added: 0004014
2015-11-06 23:44 bhjr Issue cloned: 0002768
2018-01-29 12:29 g0tmi1k Assigned To => g0tmi1k
2018-01-29 12:29 g0tmi1k Status new => closed
2018-01-29 12:29 g0tmi1k Resolution open => suspended
2018-01-29 12:29 g0tmi1k Note Added: 0008125