Home
My Page
Projects
OpenVAS

[#1385] problems with ssh connection reuse? "shared_socket: Secret/SSH/socket is unknown" and other errors

Date:
2010-04-15 14:55
Priority:
3
State:
Open
Submitted by:
Joseph Sokol-Margolis (seph)
Assigned to:
Nobody (None)
Architecture:
64 bits
Product:
OpenVAS
Operating System:
Linux
Component:
openvas-scanner
Version:
None
Severity:
normal
Resolution:
None
Hardware:
None
URL:
 
Summary:
problems with ssh connection reuse? "shared_socket: Secret/SSH/socket is unknown" and other errors

Detailed description
I've been trying to get openvas up and running, and openvas-discuss (http://lists.wald.intevation.org/pipermail/openvas-discuss/2010-April/thread.html) has seen many messages to that effect.



Currently, I'm using revision 7289. Built normally, with the singular exception of *not* -O2. I don't have an X environment, so I'm using gsa as my client.



I created credentials with gsa, then created an account on the target machine (127.0.0.2), then created a simple scan of only "Determine OS and list of installed packages via SSH login" oid 1.3.6.1.4.1.25623.1.0.50282



Running that scan results in the following:



sshd's auth log, logs a single successful password authentication to the local user.



openvassd logs:



openvassd: user om : testing 127.0.0.2 (::ffff:127.0.0.2) [19764]

openvassd: shared_socket: Secret/SSH/socket is unknown

openvassd: process_internal_msg for gather-package-list.nasl returned -1

openvassd: shared_socket_register(): Error - recv_fd() failed

openvassd: process_internal_msg for gather-package-list.nasl returned -1

openvassd: Finished testing 127.0.0.2. Time : 1.46 secs

openvassd: user om : test complete

openvassd: Total time to scan all hosts : 2 seconds

openvassd: user om : Kept alive connection

openvassd: Communication closed by client



The generated report shows the following:



NVT: Determine OS and list of installed packages via SSH login (OID: 1.3.6.1.4.1.25623.1.0.50282)

We are able to login and detect that you are running Ubuntu 8.04 LTS



NVT: SSH Authorization (OID: 1.3.6.1.4.1.25623.1.0.90022)

No port for an ssh connect was found open.

Hence local security checks might not work.



If I run a "full and fast" scan of the target, I get similar results. sshd logs 150 successful password authentications. openvassd logs a lot of "process_internal_msg for ... returned -1" and shared socket errors. The resulting report has a bunch of output that shows a successful local scans, but also the same error on oid 1.3.6.1.4.1.25623.1.0.90022

Followup

Message
Date: 2010-04-21 15:31
Sender: Joseph Sokol-Margolis

I just tested with OpenVAS_Desktop_VM.i686-0.0.12.iso, and this is present there as well.

Attached Files:

Changes:

No Changes Have Been Made to This Item


This site is hosted by Intevation GmbH