Hi, there’is a way to enable gvm accepting old host key type, like ssh-rsa? Otherwise, when I scan old linux-based system, I’m not able to authenticate ( If i try to open ssh connection directly from the vm, I obtain " Unable to negotiate with -IPADDRESS- port 22: no matching host key type found. Their offer: ssh-dss, ssh-rsa"). Thanks
That should not be used anyway … and should be detected as vulnerability as well. Most clients (OpenSSH can´t connect via DSS any more).
1 Like
OpenVAS has detected it as a medium vulnerability, but in the server there are definitely a lot of high vulnerabilities, and I would to show them to my customer…
I think it would be a good feature to scan old system, even with deprecated protocols.
You will get a CVE 10 anyway. So it does not matter. If you have one CVE 10 Vulnerability or 20 …
If you wanna demonstrate solutions i would strongly recommend to use realistic scenarios.