Hi,
We have a Jump Server (Windows 2016 Server) installed with Nessus Professional 8.14 on an AWS EC2 instance. On the same AWS we have multiple targets, i.e. Linux Servers with Port 22 enabled. I want to scan these Linux Servers using Nessus installed on our Windows 2016 Jump Server.
I tried the SSH -> Public Key Authentication method. Generated the RSA Public Key of Windows 2016 (Nessus) and placed it in the Target Linux System's “root/.ssh” folder. Used the RSA Private Key of Windows 2016 in the Scan Policy and initiated the scan without a Private Key Passphrase and with no elevated privileges provided.
Observed Authentication Failure as below:
The following service errors were logged:
- Plugin : ssh_get_info2.nasl
Plugin ID : 97993
Plugin Name : OS Identification and Installed Software Enumeration over SSH v2 (Using New SSH Library)
Protocol : SSH
Message :
Unable to login to remote host with supplied credential sets.
Errors:
- No supplied credential sets succeeded on any of the ssh ports.
- Plugin : ssh_get_info.nasl
Plugin ID : 12634
Plugin Name : Authenticated Check : OS Name and Installed Package Enumeration
Protocol : SSH
Message :
Nessus failed to load the SSH private key. Is the associated passphrase correct?
Also, I tried using the Target Linux Server's Private Key in the Nessus Scan policy, and even with that I faced Authentication failure.
So, I want to know the procedure for performing a Credential scan from a Windows machine to a target Linux server on an AWS instance.
Also, please let me know which keys I need to use for successful authentication with the SSH -> Public Key Authentication method.
Thanks,
Chethan