During a remote scan with scap-worbench, from one CENTOS to another CENTOS, I got an error (see the log below).
What is amazing is that we do not have the askpass popup to authenticate (stdout redirection problem?) Whereas if I launch a DRY SCAN (with the same machines) in a terminal, everything is OK
Is there an ASKPASS or other variable concern? thank you.
OTher things : scap-workbench is not launch with root
Another thing:
the scap-worbench command line launched in a terminal seems good (an askpass window appears to authenticate):
/usr/bin/setsid /usr/bin/ssh -M -f -N -o ServerAliveInterval=60 -o ControlPath=/tmp/ljXSlY/ssh_socket -p 22 user@computer.francecentral.cloudapp.azure.com
Error in scap-worbench when i launch remote scan:
_08:56:44
info
SCAP Workbench 1.1.6, compiled with Qt 4.8.7, using OpenSCAP 1.2.17
08:56:53
info
Opened file '/usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml'.
08:57:23
info
Establishing connecting to remote target...
08:57:29
error
Can't connect to remote machine! Exception was: There was a problem with SshConnection! Failed to create SSH master socket! Diagnostic info: Starting process '/usr/bin/setsid /usr/bin/ssh -M -f -N -o ServerAliveInterval=60 -o ControlPath=/tmp/ljXSlY/ssh_socket -p 22 user@computer.francecentral.cloudapp.azure.com' Starting process '/usr/bin/setsid /usr/bin/ssh -M -f -N -o ServerAliveInterval=60 -o ControlPath=/tmp/ljXSlY/sshsocket -p 22 user@computer.francecentral.cloudapp.azure.com' stdout: =============================== stderr: =============================== No protocol specified (gnome-ssh-askpass:3511): Gtk-WARNING : 08:57:23.671: cannot open display: :0 No protocol specified (gnome-ssh-askpass:3512): Gtk-WARNING : 08:57:25.623: cannot open display: :0 No protocol specified (gnome-ssh-askpass:3515): Gtk-WARNING : 08:57:27.177: cannot open display: :0 No protocol specified (gnome-ssh-askpass:3516): Gtk-WARNING : 08:57:29.336: cannot open display: :0 Permission denied, please try again. No protocol specified (gnome-ssh-askpass:3517): Gtk-WARNING : 08:57:29.347: cannot open display: :0 Permission denied, please try again. No protocol specified (gnome-ssh-askpass:3518): Gtk-WARNING : 08:57:29.358: cannot open display: :0 Received disconnect from XX.XX.XX.XX port 22:2: Too many authentication failures Authentication failed.
During a remote scan with scap-worbench, from one CENTOS to another CENTOS, I got an error (see the log below).
What is amazing is that we do not have the askpass popup to authenticate (stdout redirection problem?) Whereas if I launch a DRY SCAN (with the same machines) in a terminal, everything is OK
Is there an ASKPASS or other variable concern? thank you.
OTher things : scap-workbench is not launch with root
DRY RUN: is OK
oscap-ssh user@computer.francecentral.cloudapp.azure.com 22 xccdf eval --datastream-id scap_org.open-scap_datastream_from_xccdf_ssg-rhel7-xccdf-1.2.xml --xccdf-id scap_org.open-scap_cref_ssg-rhel7-xccdf-1.2.xml --profile xccdf_org.ssgproject.content_profile_pci-dss --oval-results --results /tmp/xccdf-results.xml --results-arf /tmp/arf.xml --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml
Another thing: the scap-worbench command line launched in a terminal seems good (an askpass window appears to authenticate):
/usr/bin/setsid /usr/bin/ssh -M -f -N -o ServerAliveInterval=60 -o ControlPath=/tmp/ljXSlY/ssh_socket -p 22 user@computer.francecentral.cloudapp.azure.com
Error in scap-worbench when i launch remote scan:
_08:56:44 info
SCAP Workbench 1.1.6, compiled with Qt 4.8.7, using OpenSCAP 1.2.17
08:56:53 info
Opened file '/usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml'.
08:57:23 info
Establishing connecting to remote target...
08:57:29 error
Can't connect to remote machine! Exception was: There was a problem with SshConnection! Failed to create SSH master socket! Diagnostic info: Starting process '/usr/bin/setsid /usr/bin/ssh -M -f -N -o ServerAliveInterval=60 -o ControlPath=/tmp/ljXSlY/ssh_socket -p 22 user@computer.francecentral.cloudapp.azure.com' Starting process '/usr/bin/setsid /usr/bin/ssh -M -f -N -o ServerAliveInterval=60 -o ControlPath=/tmp/ljXSlY/sshsocket -p 22 user@computer.francecentral.cloudapp.azure.com' stdout: =============================== stderr: =============================== No protocol specified (gnome-ssh-askpass:3511): Gtk-WARNING : 08:57:23.671: cannot open display: :0 No protocol specified (gnome-ssh-askpass:3512): Gtk-WARNING : 08:57:25.623: cannot open display: :0 No protocol specified (gnome-ssh-askpass:3515): Gtk-WARNING : 08:57:27.177: cannot open display: :0 No protocol specified (gnome-ssh-askpass:3516): Gtk-WARNING : 08:57:29.336: cannot open display: :0 Permission denied, please try again. No protocol specified (gnome-ssh-askpass:3517): Gtk-WARNING : 08:57:29.347: cannot open display: :0 Permission denied, please try again. No protocol specified (gnome-ssh-askpass:3518): Gtk-WARNING : 08:57:29.358: cannot open display: :0 Received disconnect from XX.XX.XX.XX port 22:2: Too many authentication failures Authentication failed.