We are using an MVM 7.0, and trying to scan Unix based OS. We would like to make it through an SSH tunnel, therefore trying to set up a two-way trusted system. According to the Configuration Manager Guide, the first step is to issue certificates to the scan engine. It is done, and ok.
But the second step, the collection of the targets' public certificates is not manageable for us, because the "SSH server certificates" window in the MVM Configuration Manager is not listed, therefore cannot be displayed.
It is referenced in the documentation, and the local help also, so we can't figure it out why it is not displayed?
Thanks for your help!
In previous version of Foundstone, SSH key collection was done using the Foundstone configuration manager. Now SSH key collection is part of a scan configuration. When creating a scan configuration, on the Settings tab, under Optimize, there is a ‘Perform SSH Key Collection’ checkbox. Selecting this option means while scanning, Foundstone will collect the SSH keys that are available on the Unix targets. After the SSH keys are collected by the scan, you can then go to the asset management page and mark the assets which has ssh keys as trusted and run shell advanced scan against these trusted targets.
Hi my name is Daniel.
What is the procedure to install the public certificates on a Unix system.
This KB has some examples of common problems and solutions with SSH Key distribution:
I hope it helps!