Comments (13)
Hi,
this is expected behavior right now unfortunately. I can make remote scan work using ssh from cygwin but the experience is too horrible to be in a release. It repeatedly asks for credentials for every task it needs to do. On Linux and OSX it authenticates once and then shares it through a control file. This is not possible on Windows right now. At least not with the cygwin openssh.
It all ties to this bug https://bugzilla.mindrot.org/show_bug.cgi?id=1278#c7
The experience is decent if you can setup cygwin openssh with a password-less private key. Doing that on Windows is not trivial. In the future I hope to implement remote scan using putty. It requires a completely new remote scan code just for Windows but it should provide a decent usability.
If you know about an openssh port for Windows that supports -o ControlMaster
I want to know about it :-)
I will keep this bug open to track Windows remote scan support progress.
from scap-workbench.
Does this hold any possibility of working?
http://www.dereckson.be/blog/2013/08/31/use-ssh-agent-on-windows/
from scap-workbench.
That might work for keys.
However, I think users will overwhelmingly want to use password auth. Especially on Windows where SSH keys are very rare. As the first step I want to get password auth working, then I will worry about ssh key auth.
We could really use somebody from openssh or cygwin or both here.
from scap-workbench.
For what it's worth, I'm willing to help test/document this aspect of the tool (that is, using Workbench from Windows to remote scan Linux servers.) If I can assist, point me in a direction.
from scap-workbench.
Unfortunately we can't move forward with this ticket without patching either OpenSSH or Cygwin. Emailed Corinna Vinschen from the Cygwin project and it seems patching OpenSSH is the easier route. The Cygwin issue regarding passing descriptors via AF_LOCAL/AF_UNIX sockets is fairly old and hard to solve.
As I don't know the OpenSSH codebase, any help is appreciated.
from scap-workbench.
While this is only an announcement of an intent, if they hold to their word, it may provide another avenue to explore: http://blogs.msdn.com/b/looking_forward_microsoft__support_for_secure_shell_ssh1/archive/2015/06/02/managing-looking-forward-microsoft-support-for-secure-shell-ssh.aspx
from scap-workbench.
@Jakuje patched ssh to work on Windows.
See https://github.com/Jakuje/stuff/blob/master/openssh_without_fdpass.patch
I am looking into the patch, so far it looks very promising.
from scap-workbench.
@jeffstoner I have good news :-) Thanks to the work of @Jakuje we now have a testing release for Windows
that can do remote scan! Check out http://martin.preisler.me/2015/03/scap-workbench-1-1-0/ and http://martin.preisler.me/wp-content/uploads/2015/03/scap-workbench-1.1.0-win32-remote-scan-testing.zip
From my testing I can scan Fedora
and RHEL6
remotely from a Windows7
box. Can you confirm that it works for you? Keep in mind that the askpass
dialog is not polished and kind of strange, when it asks about host confirmation you have to type yes
into the askpass dialog. This will be improved for the final release.
from scap-workbench.
Sweeeeeeeeeeeeeeeet!
Downloaded, installed and executed on Win7Pro (against a server that didn't have openscap installed but it did connect.)
I'll start running some tests and update this ticket with results.
Thanks again!
from scap-workbench.
Hi @jeffstoner
Any news?
from scap-workbench.
Hi @jeffstoner
I have heard about some minor issues but it looks like this is worthy of inclusion in the end. Do you have any feedback?
I want to solve a few remaining issues and then release 1.1.1 with the remote scan support on Windows.
from scap-workbench.
Sorry. I was under the gun to meet a deadline for my project. I was anticipating using this when I build the servers but that's waiting on an executive decision (go figure.) Let me dig up some older (non-production) servers that I can munge.
from scap-workbench.
This has been fixed.
from scap-workbench.
Related Issues (20)
- RFE: Search by references/identifier/description/...
- Error Project Compilation on QT5 1.2.1 HOT 1
- windows authentication feature request
- macOS installation instructions HOT 6
- Issue with OpenSCAP app on MacOS BigSur HOT 13
- Package for scap-workbench (ubuntu) only available on 18.04 LTS HOT 8
- Support | Translation file
- Translation | README file | Relevant methodology needed HOT 4
- XCCDF tailoring file not discovered
- Failed to locate oscap on remote machine. Please, check that openscap-scanner is installed on the remote machine. HOT 1
- Documentation Request: How to compile for SUSE/OpenSUSE HOT 3
- Opens but hangs on M1 Pro MacBook HOT 16
- SCAP Workbench Error on Windows - Can't locate Oscar on remote machine
- Hand compile issues with QT on Rocky Linux 8.6 HOT 1
- Failure to build scap-workbench on Ubuntu 22.04.1 HOT 2
- Can't connect to remote host when running scap-workbench on Windows
- Program hanging/oscap errors after remediation and subsequent scans with workbench on new profile HOT 1
- SCAP Workbench: Crypto initialization failed
- 2023 Amazon Linux 2 Issue when yum installing scap-workbench: No match for argument: scap-workbench Error: Unable to find a match: scap-workbench
- Ansible remediation for systemd-journald has invalid syntax because of quotation marks HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scap-workbench.