Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[exception] did not receive banner. exception #29

Open
jpluimers opened this issue Jul 28, 2017 · 8 comments
Open

[exception] did not receive banner. exception #29

jpluimers opened this issue Jul 28, 2017 · 8 comments
Labels
enhancement question

Comments

@jpluimers
Copy link

For an sshd configuration, it is valid to have the Banner option in /etc/ssh/sshd_config set to none.

However, ssh-audit then always throws a [exception] did not receive banner..

It would be nice if ssh-audit could optionally skip checking for a banner.
@arthepsy
Copy link
Owner

arthepsy commented Sep 26, 2017
edited
Loading

Banner in sshd_config is something different than exception regarding "banner". Even by default it is none. Exception is regarding identification string, e.g., SSH-2.0-OpenSSH_7.5.... I can agree that wording could be better.

@jpluimers, do You really get that exception? I would like to debug that case, because only way I can achieve it, is by faking sshd server and not sending identification string.

@jpluimers
Copy link
Author

I should have put the ssh-audit version and server target in the issue. Need to find out which machine this was meant for as I forgot. Might take a while, so please keep this open for now.

@arthepsy
Copy link
Owner

OK, and also, please, let me know if You give up, so this issue shouldn't stay open forever.

@jpluimers
Copy link
Author

I got it one more time at a RaspberryPi connected via LAN from a MacBook connected via WiFi at my brothers place when he was using his microwave.

Plain ssh works fine, but ssh-audit fails every now and then. I think ssh is more resilient to a non-stable network than ssh-audit.

@arthepsy
Copy link
Owner

That could be the case, as I have set-up very small timeout limits (3 seconds for connection, 5 seconds for reading data) to use it for bulk scans and receive answer fast when ssh server doesn't respond. This could be made configurable, but that would add new option, which should be remembered and used.

Does that sound something useful for You?

@jpluimers
Copy link
Author

It does. Though I understand your hesitation to add yet another set of options.

@arthepsy
Copy link
Owner

arthepsy commented Oct 1, 2017

Option could be added, just have to think about the naming and design, e.g., will that include two options (connection and read timeout) or a single one; how to specify them intuitively, etc. I was thinking something along the lines of -t 3:5. What do You think?

@jpluimers
Copy link
Author

Good idea.

Note that having one option with a list of parameters can be hard parsing and harder to remember the order of the parameters, so it might be easier to support this:

[--connection-timeout|-ct] <integer>
[--read-timeout|-rt] <integer>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jpluimers @arthepsy