Re: nmap-7.60 on Mac OS X - ssh-publickey-acceptance not working

[Ionreflex <ionreflex () gmail com>]

Hi Dan,

I confirmed that the script is working with a private key without
passphrase... but I've detected some strange behavior using the public
key... here we go!

1. if I run the following command :

/> sudo nmap --script +ssh-publickey-acceptance --script-args
> "ssh.usernames={'ionreflex'},
> ssh.publickeys={'/Users/ionreflex/.ssh/id_rsa.pub'}" -p 2222
> random.null.io


... the command break after ...

NSE: Starting ssh-publickey-acceptance against random.linkpc.net (
> 100.64.0.1:2222).
> NSE: [ssh-publickey-acceptance 100.64.0.1:2222] Checking key:
> /Users/ionreflex/.ssh/id_rsa.pub for user ionreflex


... so it doesn't finish and the console won't output anything until I
reset it! This seems to happen only if I provide 1 username to test; if I
provide more, all goes well. I've reproduced this behaviour on Mac OS X El
Capitan (nmap installed via official .dmg), debian wheezy running on armv7l
(gitted nmap) and CentOS 7 (gitted nmap)... but not on Ubuntu 16.04.3 LTS
(gitted nmap)??

2. never been able to successfully get a positive result with
"ssh.publickeys", it always ends up with the following :

| ssh-publickey-acceptance:
> |_  Accepted Public Keys: No public keys accepted



End of line.



[ ^ ]

2017-09-08 14:20 GMT-04:00 Daniel Miller <bonsaiviking () gmail com>:

> As we determined today on IRC, the private key file was
> passphrase-protected. It is a shortcoming of the current libssh2 bindings
> that we do not return any sort of error information after a failure. In the
> meantime, I've just added the ability to supply passphrases in the
> script-args for ssh-publickey-acceptance in r36982. Hopefully we'll be able
> to get error reporting added soon.
>
> Dan
>
> On Thu, Sep 7, 2017 at 2:40 PM, Ionreflex <ionreflex () gmail com> wrote:
>
> > Hi Dev,
> >
> > I've run into an error running NSE script "ssh-publickey-acceptance" on
> > Mac OS X (El Capitan 10.11.6); at first I had the problem described in
> > https://github.com/nmap/nmap/issues/955, but I had the reflex to search
> > for it before posting. Nevertheless, even running the command from
> > /usr/local/share/nmap my key failed to authenticate :
> >
> > /> ssh -vv -l ionreflex -p 2222 random.null.net
> > ...
> > debug1: Offering RSA public key: /Users/ionreflex/.ssh/id_rsa
> > debug2: we sent a publickey packet, wait for reply
> > debug1: Server accepts key: pkalg ssh-rsa blen 111
> > debug2: input_userauth_pk_ok: fp SHA256:493efcefb884d6b1d7c39ae
> > 3a058805963b8c53e
> > debug1: Authentication succeeded (publickey).
> >
> > /> sudo nmap -d --script +ssh-publickey-acceptance --script-args
> > "ssh.usernames={'root', 'ionreflex'}, ssh.privatekeys={'/Users/ionreflex/.ssh/id_rsa'}"
> > -p 2222 random.null.net
> > ...
> > NSE: Using Lua 5.3.
> > NSE: Arguments from CLI: ssh.usernames={'root', 'ionreflex'},
> > ssh.privatekeys={'/Users/ionreflex/.ssh/id_rsa'}
> > NSE: Arguments parsed: ssh.usernames={'root', 'ionreflex'},
> > ssh.privatekeys={'/Users/ionreflex/.ssh/id_rsa'}
> > NSE: Loaded 1 scripts for scanning.
> > ...
> > NSE: [ssh-publickey-acceptance 100.64.0.1:2222] Checking key:
> > /Users/ionreflex/.ssh/id_rsa for user ionreflex
> > userdata: 0x00e0fd0a
> > ionreflex
> > /Users/ionreflex/.ssh/id_rsa
> > NSE: [ssh-publickey-acceptance 100.64.0.1:2222] Failed to authenticate
> > NSE: Finished ssh-publickey-acceptance against random.null.net (
> > 100.64.0.1:2222).
> > Completed NSE at 15:15, 1.57s elapsed
> >
> > I've installed Nmap using the package available at the download page :
> > https://nmap.org/dist/nmap-7.60.dmg
> >
> > Lemme know if you need more info or if I can help with anything!
> >
> >
> >
> > [ ^ ]
> >
> > _______________________________________________
> > Sent through the dev mailing list
> > https://nmap.org/mailman/listinfo/dev
> > Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/