Closed ikstream closed 1 year ago
thanks for reporting this issue.
i am a bit lost with this issue/result (i.e. "authentication methods: none_auth
").
<script id="script-id" output="..."><table><elem>...</elem></table></script>
)none_auth
) does not adhere to what libssh2-utility:SSHConnection:list
should return: a list with the authentication methods on success or false on failure. should we just treat this case (i.e. none_auth
) the same as ERROR: ...
and add a "could not establish authentication methods" to the service's issues?
by returning a none_auth
value, i guess, this server isn't adhering to the SSH standard:
A client may request a list of authentication 'method name' values that may continue by using the "none" authentication 'method name'.
If no authentication is needed for the user, the server MUST return SSH_MSG_USERAUTH_SUCCESS.
Otherwise, the server MUST return SSH_MSG_USERAUTH_FAILURE and MAY return with it a list of methods that may continue in its 'authentications that can continue' value.This 'method name' MUST NOT be listed as supported by the server.
or could it be, that the SSH service actually does not require any authentication (and this is how Nmap displays such a case)? :astonished:
could you please run the following command and report its results?
$ ssh -v -o PreferredAuthentications=none ${user}@${host}
further investigation might be necessary
could you please run the following command and report its results?
$ ssh -v -o PreferredAuthentications=none ${user}@${host}
ssh root@10.0.0.9 -v -o PreferredAuthentications=none
OpenSSH_9.3p1, OpenSSL 3.1.1 30 Sep 2553
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 10.0.0.9 [10.0.0.9] port 22.
debug1: Connection established.
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_rsa-cert type -1
debug1: identity file /.ssh/id_ecdsa type -1
debug1: identity file /.ssh/id_ecdsa-cert type -1
debug1: identity file /.ssh/id_ecdsa_sk type -1
debug1: identity file /.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /.ssh/id_ed25519 type -1
debug1: identity file /.ssh/id_ed25519-cert type -1
debug1: identity file /.ssh/id_ed25519_sk type -1
debug1: identity file /.ssh/id_ed25519_sk-cert type -1
debug1: identity file /.ssh/id_xmss type -1
debug1: identity file /.ssh/id_xmss-cert type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: identity file /.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.3
debug1: Remote protocol version 2.0, remote software version Photon Torpedo SSH 6.3
debug1: compat_banner: no match: Photon Torpedo SSH 6.3
debug1: Authenticating to 10.0.0.9:22 as 'root'
debug1: load_hostkeys: fopen /.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: (no match)
Unable to negotiate with 10.0.0.9 port 22: no matching host key type found. Their offer: ssh-rsa
Trying to analyse ssh logs with the new analysis systems fails with an
AttributeError
exception. The xml file causing the fail is attached below the stack trace../analyze.py -i ../test/logs/recon/ ssh
cat ssh,tcp,22,nmap.xml