SSH authenticated Scans

Hello,
I want to set up an authenticated scan (via SSH). I have stored a username/key on the target system and then in OpenVaS. A manual login works but the authenticated scan does not seem to work.
Is there a step by step guide?
Do I have to pay attention to anything?

Thnak you!

The scan seems to work. 40 items of software have been identified. However, there is no severity.
The CPE you were looking for could not be found. …
PS: The scan-user does not have any root permissions

I’m not 100% sure I understand your comment correctly. However:

The authenticated scan user (local/target system user) does not require root permissions for many scan tasks. On most systems the installed package lists are available to regular users to Notus scans can effectively take place.

As for lack of severity enrichment in the results (and I guess you mean the CPE data is missing from the result as well), the NIST NVD has stopped enriching most CVEs with CVSS and CPE severity through out most of 2024. This accounts for much of the missing data.

1 Like

Thank you very with. It worked without any root permissions.