4 Replies Latest reply on Jun 26, 2012 5:34 PM by cgrim

    how to scan Redhat servers or linux system using certificate

    devilson911

      Hi,

       

      Can someone advise how we scan Linux systems using the certificate? I am not able to find any article in the KB.

       

      I am new to the process of VA scanning for Linux systems.

       

      Regards

        • 1. Re: how to scan Redhat servers or linux system using certificate

          First make sure your target is running a version of Linux we support:

          https://kc.mcafee.com/corporate/index?page=content&id=KB53051

           

          Second, make sure the user can run all the commands specific to Linux that are detailed in the following KB:

          https://kc.mcafee.com/corporate/index?page=content&id=KB54752

           

          Be sure to select "Trust unknown remote-shell targets" in the credentials settings, and check either "Certificate only" or "Certificate or Password".

           

          For added security you can collect the target SSH Keys using the following option in the Scan Configuration:

          Settings / Optimize

          SSH Key Collection Option  

          Perform SSH Key Collection 

          This will allow you to uncheck "Trust unknown..."

           

          For even more added security you can use the MVM Certificate Management Tool to import your own SSH Client keys (you need your passphrase) to MVM and distribute them to the Scan Engines to use for negotiation.  The tool is available from Support depending on what version you're using.  The tool is not yet available for version 7.5.

           

          If you need more assistance, you should open a Service Request.  Support can help you.

           

          I hope that helps!

          Cathy

          1 of 1 people found this helpful
          • 2. Re: how to scan Redhat servers or linux system using certificate
            devilson911

            Hi,

            Thanks for the reply; it's a supported platform.

            I am not clear whether we need a user ID and password or whether the certificate is enough to run the scan.

            Also, the Linux admin is asking for the MVM public certificate key; he will add it to the Linux system for authentication. Is this scenario correct?

            I have already opened a ticket with Support and am waiting for their response.

            • 3. Re: how to scan Redhat servers or linux system using certificate
              devilson911

              Hi,

               

              Back again. I opened a ticket with Support and they provided the document for configuring the public key of MVM on the Linux system, but the problem is that I have to trust this system in my MVM, and I am not able to perform this step since there is no option in the FCM Console (SSH Server Certificate).

               

              Can you please advise how I can trust those systems in MVM 7.0.7?

               

              The ticket is already closed and it will take time until they respond to a new query.

               

              Regards

              • 4. Re: how to scan Redhat servers or linux system using certificate

                Hi D.

                 

                Check the in-content help ("?" in the product) for "Managing Credentials" "Trust unknown remote-shell targets".

                 

                You only need to do that for targets that you've not collected the public certs from.  Check the Scan Optimize Section for:

                SSH Key Collection Option 

                Perform SSH Key Collection


                Once you do that, you don't need to "trust unknown".

                 

                I hope that helps!
                Cathy

                1 of 1 people found this helpful
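
The difference between "Trust unknown remote-shell targets" and checking targets against collected SSH keys can be modelled as below. This is an added example, not part of the thread and not MVM's code; the host names, key blobs, function names and the choice to reject a changed key even when unknown targets are trusted are assumptions made for illustration.

```python
import base64
import hashlib

def sample_blob(seed: bytes) -> str:
    """Build a constructed (not real) ssh-ed25519 public key blob, base64 encoded."""
    raw = b"\x00\x00\x00\x0bssh-ed25519" + b"\x00\x00\x00\x20" + hashlib.sha256(seed).digest()
    return base64.b64encode(raw).decode()

# Constructed sample: keys gathered by an earlier key-collection pass,
# laid out like OpenSSH known_hosts lines (host, key type, base64 blob).
COLLECTED = f"""\
rhel-web01 ssh-ed25519 {sample_blob(b'web01')}
rhel-db01 ssh-ed25519 {sample_blob(b'db01')}
"""

def fingerprint(key_b64: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def load_store(text: str) -> dict:
    """Map host -> set of pinned fingerprints from known_hosts-style lines."""
    store = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _ktype, key_b64 = line.split()[:3]
        store.setdefault(host, set()).add(fingerprint(key_b64))
    return store

def check_host(store: dict, host: str, presented_b64: str, trust_unknown: bool):
    """Decide whether scan credentials may be sent to a target presenting this key."""
    pinned = store.get(host)
    presented = fingerprint(presented_b64)
    if pinned is None:
        # No collected key: only the "trust unknown" setting lets this through.
        return ("accept-unverified" if trust_unknown else "reject-unknown", presented)
    if presented in pinned:
        return ("accept-verified", presented)
    # A collected key exists and the presented one differs: possible impersonation.
    return ("reject-mismatch", presented)
```

With keys collected for every target, `trust_unknown` can be `False` and each scan login is checked against a pinned fingerprint before any credential is offered.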