Checking root login with ssh

85 views
Skip to first unread message

Dániel Görbe

unread,
Oct 4, 2020, 1:19:49 AM10/4/20
to golang-nuts

Hi!


I want to write a basic function to check whether root login is enabled or not.


On the terminal (OpenSSH 8.3p1-1) it looks like this:


If disabled:

```

$ ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no ro...@disabled.com

ro...@disabled.com: Permission denied (publickey).
```

If enabled:

```

$ ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no ro...@enabled.com

ro...@enabled.com's password:

```


I thought i can get a similar message with golang.org/x/crypto/ssh using Dial()'s example code and Auth set to Password only, but the only message i get is

"unable to authenticate, attempted methods [none], no supported methods remain" with both enabled and disabled root.


How can i get a similar message as OpenSSH's?


Thanks,

    Daniel


signature.asc

Kurtis Rader

unread,
Oct 4, 2020, 1:25:52 AM10/4/20
to Dániel Görbe, golang-nuts
What does your question have to do with the Go language? Did you try any solutions? What did you try?

--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/206ad267-5f87-a553-c54b-731307aefd6a%40danielgorbe.com.


--
Kurtis Rader
Caretaker of the exceptional canines Junior and Hank

Dániel Görbe

unread,
Oct 4, 2020, 4:06:41 AM10/4/20
to golan...@googlegroups.com

Hi!


I tried to modify my the https://pkg.go.dev/golang.org/x/crypto/ssh#example-Dial .

I want to storno my question, because i forgot some other ssh settings.


Best regards,

    Daniel

To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CABx2%3DD8cL1aHt2ymx4f6ANh2q%3DE0WeKW8qSOHMb5H4HhYRNXJQ%40mail.gmail.com.
-- 
Dániel Görbe
GNU/Linux System Administrator - IT Security Consultant
PGP: 0x5AEB729B3E642A16
Web: https://danielgorbe.com
signature.asc

Brian Candler

unread,
Oct 4, 2020, 4:56:05 AM10/4/20
to golang-nuts
If the remote server offers password login then the ClientConfig Password AuthMethod is called (ditto KeyboardInteractive).  By providing your own implementation of this callback, and recording whether it was called or not, I believe you can determine whether the server offered password (or keyboard-interactive) login.

Note, however, this can't tell whether root login is enabled on the server or not - neither does your ssh command line example. It only tells you whether password authentication for root is enabled or not.  (That is: root login with public key might still be enabled).
Reply all
Reply to author
Forward
0 new messages