SCAP Workbench compiled without remote scanning support #14
Comments
|
Hi, It all ties to this bug https://bugzilla.mindrot.org/show_bug.cgi?id=1278#c7 The experience is decent if you can setup cygwin openssh with a password-less private key. Doing that on Windows is not trivial. In the future I hope to implement remote scan using putty. It requires a completely new remote scan code just for Windows but it should provide a decent usability. If you know about an openssh port for Windows that supports I will keep this bug open to track Windows remote scan support progress. |
|
Does this hold any possibility of working? |
|
That might work for keys. However, I think users will overwhelmingly want to use password auth. Especially on Windows where SSH keys are very rare. As the first step I want to get password auth working, then I will worry about ssh key auth. We could really use somebody from openssh or cygwin or both here. |
|
For what it's worth, I'm willing to help test/document this aspect of the tool (that is, using Workbench from Windows to remote scan Linux servers.) If I can assist, point me in a direction. |
|
Unfortunately we can't move forward with this ticket without patching either OpenSSH or Cygwin. Emailed Corinna Vinschen from the Cygwin project and it seems patching OpenSSH is the easier route. The Cygwin issue regarding passing descriptors via AF_LOCAL/AF_UNIX sockets is fairly old and hard to solve. As I don't know the OpenSSH codebase, any help is appreciated. |
|
While this is only an announcement of an intent, if they hold to their word, it may provide another avenue to explore: http://blogs.msdn.com/b/looking_forward_microsoft__support_for_secure_shell_ssh1/archive/2015/06/02/managing-looking-forward-microsoft-support-for-secure-shell-ssh.aspx |
|
@Jakuje patched ssh to work on Windows. See https://github.com/Jakuje/stuff/blob/master/openssh_without_fdpass.patch I am looking into the patch, so far it looks very promising. |
|
@jeffstoner I have good news :-) Thanks to the work of @Jakuje we now have a testing release for From my testing I can scan
|
|
Sweeeeeeeeeeeeeeeet! I'll start running some tests and update this ticket with results. Thanks again! |
|
Hi @jeffstoner Any news? |
|
Hi @jeffstoner I want to solve a few remaining issues and then release 1.1.1 with the remote scan support on Windows. |
|
Sorry. I was under the gun to meet a deadline for my project. I was anticipating using this when I build the servers but that's waiting on an executive decision (go figure.) Let me dig up some older (non-production) servers that I can munge. |
|
This has been fixed. |
Just downloaded SCAP Workbench 1.1.0 for Windows (msi installer from http://martin.preisler.me/2015/03/scap-workbench-1-1-0/). The options for Target and the Scan button are greyed-out. When I mouse-over the Target options, the tool tip says it was not compiled with remote scanning support.
I'm running Win 7 Pro, SP1, 64-bit.
The text was updated successfully, but these errors were encountered: