Auth scan with ssh credentials doesn't report all hosts

Hello,

I’m doing an authenticated scan with ssh credentials and I discovered that I am missing some hosts.

I discovered on the hosts not reported that I see some connections but I have the following error message:

 sshd[50395]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key

I can solve the issue by creating the key pair but I’d prefer not to. (Security issue and I have many hosts.) Moreover, where the scan succeeded, the key pair isn’t there either.

I also tried to check the option “allow insecure use” but it didn’t change the outcome. I’m running out of ideas.

OpenSSH_9.0p1 Debian-1+b1, OpenSSL 3.0.5 5 Jul 2022
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 (RedHat)

GVM-21.4.3

Thanks

@mellymello

Could not load host key: /etc/ssh/ssh_host_dsa_key

Error on scanner or on scanner host? Sounds like a broken setup on host?

Is that file missing from host?

Eero

The error appears on the scanned hosts, but not all of them. The error is right, the file is missing, and if I create the file it works, but that’s not really a valid solution. I would like to know why it wants to use this key pair and how I can change it.

@mellymello it means that hostkey(s) are missing from scanned host.

You need to regenerate them on host or remove missing keys from sshd configuration. This might be related to host upgrade.

Eero

A successful login via SSH at a target depends on a few things:

  • A default SSH configuration on which some hints are given in 10 Scanning a System — Greenbone Enterprise Appliance 22.04.2 documentation
  • A https://www.libssh.org version used on the scanner host which is compatible / able to communicate with the SSH server running on the target host
    • The scanner is using libssh for the SSH login
    • If an affected target host is using some newer or older algorithms not supported by the used libssh version (against which the scanner was compiled) the login will fail
    • Support for some ECC curves requires libssh to be built against libnacl
    • Some incompatibilities / bugs in libssh could also negatively affect the login
    • Unfortunately there is no “full” list on Features – libssh which of these features / functionality got introduced in which libssh version so this is mainly a “trial and error” to determine if the issue is originating from libssh
1 Like
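
One way to test the algorithm-compatibility point from the reply above, as an added example (not code from the thread or from Greenbone): it compares a target's `sshd -T` output with a client algorithm list and names every category with no common algorithm. The sample server config and the client list are constructed; the client list is an assumption, not the offer of any real libssh version.

```python
# Added example: all names and sample data here are constructed, not from the thread.
CATEGORIES = {"kexalgorithms": "key exchange", "hostkeyalgorithms": "host key",
              "ciphers": "cipher", "macs": "MAC"}
# OpenSSH's AEAD ciphers provide integrity themselves, so the MAC list is ignored.
AEAD = ("chacha20-poly1305@openssh.com", "aes128-gcm@openssh.com", "aes256-gcm@openssh.com")

def parse_sshd_t(text):
    """Parse `sshd -T` output into {keyword: [algorithms]} for the negotiated categories."""
    offered = {}
    for line in text.splitlines():
        key, _, value = line.strip().partition(" ")
        if key.lower() in CATEGORIES:
            offered[key.lower()] = [a for a in value.split(",") if a]
    return offered

def negotiate(client, server):
    """Simplified RFC 4253 rule: first client preference that the server also lists."""
    result = {}
    for key in CATEGORIES:
        server_set = set(server.get(key, []))
        result[key] = next((a for a in client.get(key, []) if a in server_set), None)
    return result

def failing_categories(client, server):
    """Return the labels of categories in which no common algorithm exists."""
    chosen = negotiate(client, server)
    if chosen["ciphers"] in AEAD:
        chosen["macs"] = "(implicit in AEAD cipher)"
    return [CATEGORIES[k] for k, alg in chosen.items() if alg is None]

# Constructed sample: effective configuration of a hardened target (`sshd -T`).
# Note: sshd only offers host key algorithms for which a host key file is loaded.
SAMPLE_SSHD_T = """\
port 22
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org
hostkeyalgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com
macs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
"""
# Constructed sample: assumed offer of an older client build.
SAMPLE_CLIENT = {
    "kexalgorithms": ["curve25519-sha256@libssh.org", "diffie-hellman-group14-sha1"],
    "hostkeyalgorithms": ["ssh-rsa", "ssh-dss"],
    "ciphers": ["aes256-ctr", "aes256-gcm@openssh.com"],
    "macs": ["hmac-sha2-256", "hmac-sha1"],
}

if __name__ == "__main__":
    for category in failing_categories(SAMPLE_CLIENT, parse_sshd_t(SAMPLE_SSHD_T)):
        print(f"no common {category} algorithm: SSH login cannot proceed")
```

Run `sshd -T` as root on a host that scans correctly and on one that does not, and feed both outputs through the same client list to see which category differs.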

Thank you for your reply,

I’ll have a look and try to determine if it comes from libssh.

I’ll let you know my results