Comments (11)
I have exactly the same running on Centos 6. Anyone have a idea why this err message appears?
from vuls.
It seems the config file is wrong.
Please paste the config file with password masking.
(I think the error message is bad. I will improve the message)
from vuls.
You can run with -debug option to get more detail information.
from vuls.
pyed@Debian7:~$ vuls scan -debug
INFO[0000] Begin scannig (config: /home/pyed/config.toml)
[Apr 10 19:05:54] INFO [localhost] Validating Config...
[http] 2016/04/10 19:05:54 HTTP Request: GET /health HTTP/1.1
Host: 127.0.0.1:1323
time=2016-04-10T19:05:54+03:00, remote_ip=127.0.0.1, method=GET, uri=/health, status=200, took=160.442µs, sent=0 bytes
[http] 2016/04/10 19:05:54 HTTP Response: HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Date: Sun, 10 Apr 2016 16:05:54 GMT
Content-Length: 0
[Apr 10 19:05:54] INFO [localhost] Detecting OS...
[Apr 10 19:05:54] DEBUG [localhost] []scan.osTypeInterface{}
[Apr 10 19:05:54] INFO [localhost] Scanning vulnerabilities...
[Apr 10 19:05:54] ERROR [localhost] Failed to scan. err: Not initialize yet..
pyed@Debian7:~$
config.toml
:
[servers]
[176.X.XXX.XXX]
host = "176.X.XXX.XXX"
port = "54XXX"
user = "pyed"
keyPath = "/home/pyed/.ssh/id_rsa"
from vuls.
Try this config :-)
[servers]
[servers.176-X-XXX-XXX]
...
from vuls.
pyed@Debian7:~$ vuls scan
INFO[0000] Begin scannig (config: /home/pyed/config.toml)
[Apr 11 18:49:07] INFO [localhost] Validating Config...
time=2016-04-11T18:49:07+03:00, remote_ip=127.0.0.1, method=GET, uri=/health, status=200, took=156.496µs, sent=0 bytes
[Apr 11 18:49:07] INFO [localhost] Detecting OS...
WARN[0000] Faild to ssh @:. err: dial tcp :0: getsockopt: connection refused, Retrying in 552.330144ms...
WARN[0000] Faild to ssh @:. err: dial tcp :0: getsockopt: connection refused, Retrying in 1.080381816s...
not sure why it fails to connect, when I try the following it works
ssh -p 54XXX [email protected]
which means the ssh key is okay and exists in authorized_keys
from vuls.
@pyed Try this config !!
[servers]
[servers.176-X-XXX-XXX]
host = "176.X.XXX.XXX"
port = "54XXX"
user = "pyed"
keyPath = "/home/pyed/.ssh/id_rsa"
from vuls.
I did not notice the dashes, now it seems to work but complains about not being able to use sudo, i tried to run prepare with root, but the same happened, it would be a lot better if you list the dependences rather than asking for root access
from vuls.
pyed@Debian7:~$ vuls scan
INFO[0000] Begin scannig (config: /home/pyed/config.toml)
[Apr 11 20:46:38] INFO [localhost] Validating Config...
time=2016-04-11T20:46:38+03:00, remote_ip=127.0.0.1, method=GET, uri=/health, status=200, took=151.101µs, sent=0 bytes
[Apr 11 20:46:38] INFO [localhost] Detecting OS...
[Apr 11 20:46:39] INFO [localhost] Scanning vulnerabilities...
[Apr 11 20:46:39] INFO [localhost] Check required packages for scanning...
[Apr 11 20:46:40] ERROR [XXXXXXXXXXXXXXXXXXX] aptitude is not installed
[Apr 11 20:46:40] ERROR [localhost] Please execute with [prepare] subcommand to install required packages before scanning
[Apr 11 20:46:40] ERROR [localhost] Failed to scan. err: [email protected]: aptitude is not installed.
pyed@Debian7:~$ vuls prepare
INFO[0000] Begin Preparing (config: /home/pyed/config.toml)
[Apr 11 20:46:58] INFO [localhost] Detecting OS...
[Apr 11 20:46:58] INFO [localhost] Installing...
[Apr 11 20:46:58] INFO [XXXXXXXXXXXXXXXXXXX] apt-get update...
[Apr 11 20:47:00] ERROR [XXXXXXXXXXXXXXXXXXX] Failed to apt-get update. status: 1, stdout: [sudo] password for pyed: Sorry, try again.
[sudo] password for pyed:
sudo: 1 incorrect password attempt
, stderr:
[Apr 11 20:47:00] ERROR [localhost] Failed: [email protected]: Failed to apt-get update. status: 1, stdout: [sudo] password for pyed: Sorry, try again.
[sudo] password for pyed:
sudo: 1 incorrect password attempt
, stderr: .
pyed@Debian7:~$ su
Password:
root@Debian7:/home/pyed# apt-get install aptitude
Reading package lists... Done
Building dependency tree
Reading state information... Done
aptitude is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
it doesn't wait for me to type the password for that sudo command.
from vuls.
@pyed Thanks for reporting.
it would be a lot better if you list the dependences rather than asking for root access
The document of dependencies is here.
https://github.com/future-architect/vuls#usage-prepare
Currently, It's needed to define password If you want to ssh with sudo password,
[servers]
[servers.176-X-XXX-XXX]
host = "176.X.XXX.XXX"
port = "54XXX"
user = "pyed"
password = "password" # sudo password of pyed on the target server
keyPath = "/home/pyed/.ssh/id_rsa"
You can configure NOPASSWORD in /etc/sudoers on the target server If you don't want to write plain password in the config.
http://askubuntu.com/questions/334318/sudoers-file-enable-nopasswd-for-user-all-commands
In the near future, I am going to implement password-less option in the config.
(see #11 (comment) )
from vuls.
I implement -ask-sudo-password option and -ask-key-password option.
Now, you can avoid to define plain password in config.
see #35
from vuls.
Related Issues (20)
- Having redhat section when scanning ubuntu vm HOT 1
- Question: Heatmap Category Count HOT 2
- Windows not shown in supported OS list HOT 3
- Support for Fedora is not working HOT 1
- Remote scan from Linux to Windows fails
- Results of the scan & report seem odd HOT 3
- Issue in trivy to vuls convertor HOT 1
- How to remove password from the logs ? HOT 1
- no information in "title" field for vuls scan on ubuntu vm HOT 6
- Error on json report : err: json: cannot unmarshal object into Go struct field Nvd.Cvss2 of type HOT 2
- A lot of bugs are there
- How is server/json mode expected to work for windows ? HOT 1
- false positive redhat unpatched vulnerability HOT 2
- severity is different for each scan on debian
- failed to get modularitylabel on RedHat HOT 1
- Enhanced kernel package check with multiple versions installed HOT 1
- The enhancement of the amount of cveContents information included in trivy-to-vuls HOT 1
- Difference in cve contents between vuls report and trivy-to-vuls
- Support for alpine is not actually in place despite the OS being listed as supported HOT 1
- Multiple versions are detected in some packages on Debian-based distributions HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vuls.