I’m doing authenticated scan with ssh credentials and I discovered that I am missing some hosts.
I discovered on the hosts not reported that I see some connections but I have the following error message:
sshd[50395]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key
I can solve the issue by creating the key pair but I’d prefer not. (Security issue and I have many hosts.) Moreover were the scan succeeded, there isn’t the key pair as well.
I also tried to check the option “allow insecure use” but it didn’t change the outcome. I’am running out of ideas.
The error appears on the scanned host but not all of them. The error is right, the file is missing and If I create the file it works but that’s not really a valid solution. I would like to know why it wants to use this key pair and how I can change it.
A https://www.libssh.org version used on the scanner host which is compatible / able to communicate with the SSH server running on the target host
The scanner is using libssh for the SSH login
If an affected target host is using some newer or older algorithms not supported by the used libssh version (against the scanner was compiled) the login will fail
Support for some ECC curves requires libssh to be build against libnacl
at least some older Debian versions didn’t had that support
Some incompatibilities / bugs in libssh could also negatively affect the login
Unfortunately there is no “full” list on Features – libssh which of these features / functionality got introduced in which libssh version so this is mainly a “try and error” to determine if the issue is originating from libssh