vanhauser-thc / thc-hydra

hydra
GNU Affero General Public License v3.0

[ERROR] target ssh://10.0.2.10:22/ does not support password authentication. #183

Closed d0gst4r closed 7 years ago

d0gst4r commented 7 years ago

Hi, I'm running Hydra against a virtual machine which supports ssh password login yet I'm getting the following error:

    hydra -t 1 -dvV -l "margo" -P /usr/share/wordlists/rockyou.txt ssh://10.0.2.10/
    Hydra v8.3 (c) 2016 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

    [DEBUG] Output color flag is 1
    Hydra (http://www.thc.org/thc-hydra) starting at 2017-01-21 05:29:08
    [DEBUG] cmdline: hydra -t 1 -dvV -l margo -P /usr/share/wordlists/rockyou.txt ssh://10.0.2.10/
    [DEBUG] opt:8 argc:9 mod:ssh tgt:10.0.2.10 port:0 misc:
    [DATA] max 1 task per 1 server, overall 64 tasks, 14344399 login tries (l:1/p:14344399), ~224131 tries per task
    [DATA] attacking service ssh on port 22
    [VERBOSE] Resolving addresses ...
    [DEBUG] resolving 10.0.2.10
    [VERBOSE] resolving done
    [INFO] Testing if password authentication is supported by ssh://10.0.2.10:22
    [ERROR] target ssh://10.0.2.10:22/ does not support password authentication.

Demonstration of SSH password login:

    sshpass -p "god" ssh margo@10.0.2.10
    Ubuntu 14.04.3 LTS
    Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.19.0-25-generic x86_64)

    150 packages can be updated.
    0 updates are security updates.

    Last login: Thu Jan 5 21:13:49 2017 from 10.0.2.8
    margo@gibson:~$

Help would be much appreciated!

d0gst4r commented 7 years ago

I should add that only margo on this server is password enabled. Could it be that Hydra probes this with a user different than the one provided in the -l argument?

From sshd_config:

    # Eugene & Margo can SSH in, no-one else allowed
    AllowUsers eugene margo

    # SSH keys only but margo can use a password
    Match user margo
        PasswordAuthentication yes

vanhauser-thc commented 7 years ago

Yes, the checking function uses a fixed user name. It was root, however current default configs often have root only allowing certificate authentication, so that is now a bad choice.

Your setup is unusual but possible.

Currently it is unsupported to hand over usernames and password to the check function. For SSH it was possible for me to do a dirty workaround.

I checked it in the, can you please test if it works now?

d0gst4r commented 7 years ago

Works like a charm! :) Thank you!
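
Why a probe with a fixed user name can see different authentication settings than the account under test, as an added example (not code from Hydra or from this thread): a simplified evaluator for `Match User` overrides in sshd_config. The global `PasswordAuthentication no` line in the sample is an assumption implied by the "SSH keys only" comment, and the names `parse` and `effective_password_auth` are hypothetical; only `Match User <patterns>` is handled.

```python
import fnmatch

# Constructed sample: the excerpt quoted in the issue, plus an ASSUMED global
# "PasswordAuthentication no" (implied by "SSH keys only", not shown on the page).
SAMPLE_CONFIG = """\
PasswordAuthentication no
AllowUsers eugene margo
Match user margo
    PasswordAuthentication yes
"""

def parse(text):
    """Split a config into global settings and a list of 'Match User' blocks."""
    global_cfg, blocks, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "match":
            crit = value.split(None, 1)
            if len(crit) != 2 or crit[0].lower() != "user":
                raise ValueError("this sketch only handles 'Match User <patterns>'")
            current = {}
            blocks.append((crit[1].split(","), current))
        else:
            # sshd keeps the first value it reads for a keyword in a section
            (global_cfg if current is None else current).setdefault(key, value)
    return global_cfg, blocks

def effective_password_auth(text, user):
    """Return 'yes' or 'no': PasswordAuthentication as it applies to `user`."""
    global_cfg, blocks = parse(text)
    for patterns, settings in blocks:
        matched = any(fnmatch.fnmatchcase(user, p.strip()) for p in patterns)
        if matched and "passwordauthentication" in settings:
            # The first matching block that sets the keyword overrides the global value
            return settings["passwordauthentication"].lower()
    # No Match block applies: global value, else the OpenSSH default ("yes")
    return global_cfg.get("passwordauthentication", "yes").lower()

if __name__ == "__main__":
    # "root" stands in for the fixed probe name mentioned in the thread
    for name in ("root", "eugene", "margo"):
        result = effective_password_auth(SAMPLE_CONFIG, name)
        print(f"{name:8} PasswordAuthentication {result}")
```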