Comments (11)
JvGinkel
commented on July 17, 2024
I have exactly the same running on Centos 6. Anyone have a idea why this err message appears?
from vuls.
kotakanbe
commented on July 17, 2024
It seems the config file is wrong.
Please paste the config file with password masking.
(I think the error message is bad. I will improve the message)
from vuls.
kotakanbe
commented on July 17, 2024
You can run with -debug option to get more detail information.
from vuls.
pyed
commented on July 17, 2024
pyed@Debian7:~$ vuls scan -debug
INFO[0000] Begin scannig (config: /home/pyed/config.toml)
[Apr 10 19:05:54] INFO [localhost] Validating Config...
[http] 2016/04/10 19:05:54 HTTP Request: GET /health HTTP/1.1
Host: 127.0.0.1:1323
time=2016-04-10T19:05:54+03:00, remote_ip=127.0.0.1, method=GET, uri=/health, status=200, took=160.442µs, sent=0 bytes
[http] 2016/04/10 19:05:54 HTTP Response: HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Date: Sun, 10 Apr 2016 16:05:54 GMT
Content-Length: 0
[Apr 10 19:05:54] INFO [localhost] Detecting OS...
[Apr 10 19:05:54] DEBUG [localhost] []scan.osTypeInterface{}
[Apr 10 19:05:54] INFO [localhost] Scanning vulnerabilities...
[Apr 10 19:05:54] ERROR [localhost] Failed to scan. err: Not initialize yet..
pyed@Debian7:~$ config.toml:
[servers]
[176.X.XXX.XXX]
host = "176.X.XXX.XXX"
port = "54XXX"
user = "pyed"
keyPath = "/home/pyed/.ssh/id_rsa"from vuls.
kotakanbe
commented on July 17, 2024
Try this config :-)
[servers]
[servers.176-X-XXX-XXX]
...
from vuls.
pyed
commented on July 17, 2024
pyed@Debian7:~$ vuls scan
INFO[0000] Begin scannig (config: /home/pyed/config.toml)
[Apr 11 18:49:07] INFO [localhost] Validating Config...
time=2016-04-11T18:49:07+03:00, remote_ip=127.0.0.1, method=GET, uri=/health, status=200, took=156.496µs, sent=0 bytes
[Apr 11 18:49:07] INFO [localhost] Detecting OS...
WARN[0000] Faild to ssh @:. err: dial tcp :0: getsockopt: connection refused, Retrying in 552.330144ms...
WARN[0000] Faild to ssh @:. err: dial tcp :0: getsockopt: connection refused, Retrying in 1.080381816s... not sure why it fails to connect, when I try the following it works
ssh -p 54XXX [email protected]which means the ssh key is okay and exists in authorized_keys
from vuls.
kotakanbe
commented on July 17, 2024
@pyed Try this config !!
[servers]
[servers.176-X-XXX-XXX]
host = "176.X.XXX.XXX"
port = "54XXX"
user = "pyed"
keyPath = "/home/pyed/.ssh/id_rsa"
from vuls.
pyed
commented on July 17, 2024
I did not notice the dashes, now it seems to work but complains about not being able to use sudo, i tried to run prepare with root, but the same happened, it would be a lot better if you list the dependences rather than asking for root access
from vuls.
pyed
commented on July 17, 2024
pyed@Debian7:~$ vuls scan
INFO[0000] Begin scannig (config: /home/pyed/config.toml)
[Apr 11 20:46:38] INFO [localhost] Validating Config...
time=2016-04-11T20:46:38+03:00, remote_ip=127.0.0.1, method=GET, uri=/health, status=200, took=151.101µs, sent=0 bytes
[Apr 11 20:46:38] INFO [localhost] Detecting OS...
[Apr 11 20:46:39] INFO [localhost] Scanning vulnerabilities...
[Apr 11 20:46:39] INFO [localhost] Check required packages for scanning...
[Apr 11 20:46:40] ERROR [XXXXXXXXXXXXXXXXXXX] aptitude is not installed
[Apr 11 20:46:40] ERROR [localhost] Please execute with [prepare] subcommand to install required packages before scanning
[Apr 11 20:46:40] ERROR [localhost] Failed to scan. err: [email protected]: aptitude is not installed.
pyed@Debian7:~$ vuls prepare
INFO[0000] Begin Preparing (config: /home/pyed/config.toml)
[Apr 11 20:46:58] INFO [localhost] Detecting OS...
[Apr 11 20:46:58] INFO [localhost] Installing...
[Apr 11 20:46:58] INFO [XXXXXXXXXXXXXXXXXXX] apt-get update...
[Apr 11 20:47:00] ERROR [XXXXXXXXXXXXXXXXXXX] Failed to apt-get update. status: 1, stdout: [sudo] password for pyed: Sorry, try again.
[sudo] password for pyed:
sudo: 1 incorrect password attempt
, stderr:
[Apr 11 20:47:00] ERROR [localhost] Failed: [email protected]: Failed to apt-get update. status: 1, stdout: [sudo] password for pyed: Sorry, try again.
[sudo] password for pyed:
sudo: 1 incorrect password attempt
, stderr: .
pyed@Debian7:~$ su
Password:
root@Debian7:/home/pyed# apt-get install aptitude
Reading package lists... Done
Building dependency tree
Reading state information... Done
aptitude is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.it doesn't wait for me to type the password for that sudo command.
from vuls.
kotakanbe
commented on July 17, 2024
@pyed Thanks for reporting.
it would be a lot better if you list the dependences rather than asking for root access
The document of dependencies is here.
https://github.com/future-architect/vuls#usage-prepare
Currently, It's needed to define password If you want to ssh with sudo password,
[servers]
[servers.176-X-XXX-XXX]
host = "176.X.XXX.XXX"
port = "54XXX"
user = "pyed"
password = "password" # sudo password of pyed on the target server
keyPath = "/home/pyed/.ssh/id_rsa"
You can configure NOPASSWORD in /etc/sudoers on the target server If you don't want to write plain password in the config.
http://askubuntu.com/questions/334318/sudoers-file-enable-nopasswd-for-user-all-commands
In the near future, I am going to implement password-less option in the config.
(see #11 (comment) )
from vuls.
kotakanbe
commented on July 17, 2024
I implement -ask-sudo-password option and -ask-key-password option.
Now, you can avoid to define plain password in config.
see #35
from vuls.
Related Issues (20)
- Having redhat section when scanning ubuntu vm HOT 1
- Question: Heatmap Category Count HOT 2
- Windows not shown in supported OS list HOT 3
- Support for Fedora is not working HOT 1
- Remote scan from Linux to Windows fails
- Results of the scan & report seem odd HOT 3
- Issue in trivy to vuls convertor HOT 1
- How to remove password from the logs ? HOT 1
- no information in "title" field for vuls scan on ubuntu vm HOT 6
- Error on json report : err: json: cannot unmarshal object into Go struct field Nvd.Cvss2 of type HOT 2
- A lot of bugs are there
- How is server/json mode expected to work for windows ? HOT 1
- false positive redhat unpatched vulnerability HOT 2
- severity is different for each scan on debian
- failed to get modularitylabel on RedHat HOT 1
- Enhanced kernel package check with multiple versions installed HOT 1
- The enhancement of the amount of cveContents information included in trivy-to-vuls HOT 1
- Difference in cve contents between vuls report and trivy-to-vuls
- Support for alpine is not actually in place despite the OS being listed as supported HOT 1
- Multiple versions are detected in some packages on Debian-based distributions HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vuls.