Metasploit-framework: ssh_login_pubkey does not support ssh key

Created on 27 Sep 2018 · 5 Comments · Source: rapid7/metasploit-framework

Steps to reproduce

msf > use auxiliary/scanner/ssh/ssh_login_pubkey
msf auxiliary(scanner/ssh/ssh_login_pubkey) > set key_path /home/micke/.ssh/cuiteur
key_path => /home/micke/.ssh/cuiteur
msf auxiliary(scanner/ssh/ssh_login_pubkey) > set rhosts 10.0.6.235
rhosts => 10.0.6.235
msf auxiliary(scanner/ssh/ssh_login_pubkey) > set rport 52961
rport => 52961
msf auxiliary(scanner/ssh/ssh_login_pubkey) > set username root
username => root
msf auxiliary(scanner/ssh/ssh_login_pubkey) > run

[*] 10.0.6.235:52961 SSH - Testing Cleartext Keys
[*] Error: 10.0.6.235: NotImplementedError OpenSSH keys only supported if ED25519 is available
net-ssh requires the following gems for ed25519 support:
 * ed25519 (>= 1.2, < 2.0)
 * bcrypt_pbkdf (>= 1.0, < 2.0)
See https://github.com/net-ssh/net-ssh/issues/565 for more information
Gem::LoadError : "ed25519 is not part of the bundle. Add it to your Gemfile."

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

I tried logging in with ssh after getting hold of the private key.

Expected behavior

I expected to get an SSH session.

Current behavior

I get an error complaining that ed25519 is missing.

System stuff

I tried this on Kali Linux and then on Manjaro. Same behaviour on both. Installed with the official package manager in both cases.
I also tried to install ed25519, but I don't know anything about Ruby, so that didn't help.

Metasploit version

4.17.5-dev on Manjaro
4.17.13-dev on Kali

bug

All 5 comments

msf auxiliary(scanner/ssh/ssh_login_pubkey) > run

[*] 10.0.6.235:52961 SSH - Testing Cleartext Keys
[*] Error: 10.0.6.235: NotImplementedError OpenSSH keys only supported if ED25519 is available
net-ssh requires the following gems for ed25519 support:
 * ed25519 (>= 1.2, < 2.0)
 * bcrypt_pbkdf (>= 1.0, < 2.0)
See https://github.com/net-ssh/net-ssh/issues/565 for more information
Gem::LoadError : "ed25519 is not part of the bundle. Add it to your Gemfile."

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(scanner/ssh/ssh_login_pubkey) > version
Framework: 4.17.14-dev
Console  : 4.17.14-dev

Tried updating to latest release, same result.

I also experience the same issue.

We have ~neither of those gems~ bcrypt_pbkdf but not ed25519. We should add ~them~ it.

msf5 auxiliary(scanner/ssh/ssh_login_pubkey) > run

[*] [redacted]:22 SSH - Testing Cleartext Keys
[*] Error: [redacted]: NotImplementedError OpenSSH keys only supported if ED25519 is available
net-ssh requires the following gems for ed25519 support:
 * ed25519 (>= 1.2, < 2.0)
 * bcrypt_pbkdf (>= 1.0, < 2.0)
See https://github.com/net-ssh/net-ssh/issues/565 for more information
Gem::LoadError : "ed25519 is not part of the bundle. Add it to your Gemfile."

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf5 auxiliary(scanner/ssh/ssh_login_pubkey) >
wvu@kharak:~/metasploit-framework:master$ bundle list | grep -e ed25519 -e bcrypt_pbkdf
  * bcrypt_pbkdf (1.0.0)
wvu@kharak:~/metasploit-framework:master$

I've pushed a fix referenced above. Once that merges, it should work. In the meantime, you may apply the patch manually.
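
The dependency gap reported in this thread can be checked up front. The following is an added example, not part of the issue and not Metasploit or net-ssh code: it classifies a private key by its armor header and reports which of the gems named in the error text are not visible to the running Ruby. All function and constant names are hypothetical, the sample key is a constructed placeholder with no key material, and it assumes the error is raised for keys carrying the OpenSSH armor header.

```ruby
# Added diagnostic (hypothetical helper names), not Metasploit or net-ssh code.
# Gem names and version ranges are copied from the net-ssh error text above.
REQUIRED_GEMS = {
  'ed25519'      => ['>= 1.2', '< 2.0'],
  'bcrypt_pbkdf' => ['>= 1.0', '< 2.0']
}.freeze

OPENSSH_HEADER = '-----BEGIN OPENSSH PRIVATE KEY-----'
PEM_HEADER     = /\A-----BEGIN (?:(?:RSA|DSA|EC|ENCRYPTED) )?PRIVATE KEY-----\z/

# Constructed placeholder: armor lines only, the body is not real key data.
SAMPLE_KEY = "#{OPENSSH_HEADER}\n(constructed)\n-----END OPENSSH PRIVATE KEY-----\n"

# Classify a private key by its first armor line; key material is never parsed.
def key_container(key_text)
  first = key_text.to_s.lstrip.lines.first.to_s.strip
  return :openssh if first == OPENSSH_HEADER
  return :pem if first.match?(PEM_HEADER)
  :unknown
end

# True when a gem visible to the running Ruby satisfies the requirement.
# The thread's `bundle list | grep` is the equivalent check for the bundle.
def gem_installed?(name, requirements)
  !Gem::Dependency.new(name, *requirements).matching_specs.empty?
end

# Gems that still have to be added before an OpenSSH-format key can be loaded.
# `probe` is injectable so the logic can be exercised without touching RubyGems.
def missing_gems_for(key_text, probe = method(:gem_installed?))
  return [] unless key_container(key_text) == :openssh
  REQUIRED_GEMS.reject { |name, reqs| probe.call(name, reqs) }.keys
end

if __FILE__ == $PROGRAM_NAME
  # With no argument, the constructed sample is analysed instead of a file.
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_KEY
  missing = missing_gems_for(text)
  puts "container: #{key_container(text)}"
  puts missing.empty? ? 'no missing gems for this key' : "missing gems: #{missing.join(', ')}"
end
```

With the bundle state shown in the thread (bcrypt_pbkdf present, ed25519 absent), an OpenSSH-format key yields `ed25519` as the only missing gem.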
