Fix SSH publickey auth checking: result was not returned.

nselib/libssh2-utility.lua

@@ -163,12 +163,22 @@ end
 --
 -- @param username A username to authenticate as.
 -- @param key Base64 decrypted public key.
+-- @return true if the public key can be used to authenticate as the user, false otherwise
+-- @return Error message if an error occurs.
 function SSHConnection:publickey_canauth (username, key)
+  local status, err
   if self.session then
-    libssh2.publickey_canauth(self.session, username, key)
+    status, err = pcall(libssh2.publickey_canauth, self.session, username, key)
+    if status then
+      -- no error thrown; return the actual result
+      status = err
+      err = nil
+    end
+  else
+    status = false
+    err = "No session established"
   end
+  return status, err
 end
 
 return _ENV
-
-

scripts/ssh-publickey-acceptance.nse

@@ -60,9 +60,14 @@ function action (host, port)
         local status, result = helper:read_publickey(publickeys[i])
         if not status then
           stdnse.verbose("Error reading key: " .. result)
-        elseif helper:publickey_canauth(usernames[j], result) then
+        else
-          table.insert(r, "Key " .. publickeys[i] .. " accepted for user " .. usernames[j])
+          local status, err = helper:publickey_canauth(usernames[j], result)
-          stdnse.verbose("Found accepted key: " .. publickeys[i] .. " for user " .. usernames[j])
+          if status then
+            table.insert(r, "Key " .. publickeys[i] .. " accepted for user " .. usernames[j])
+            stdnse.verbose("Found accepted key: " .. publickeys[i] .. " for user " .. usernames[j])
+          elseif err then
+            stdnse.debug("Error in publickey_canauth: %s", err)
+          end
           helper:disconnect()
           helper:connect(host, port)
         end