Good Afternoon Arfelix,
I have messed with this in the past and this is the way I do it.
First in the default shell line you have to tell the scanner what shell it needs to use during the session. You can also find in the Knowledge Base the commands the scanner needs to be able to run so it can scan successfully.
Depending on the level of access the account you use for the scanner has,you do not really need to provide root access
I check the password box and leave Certificate checked, MVM does not like it if it is unchecked, and it’s default behavior is to use certs, which it may not have, there is a KB article on it; if it locks out your account on the target server here.
I have not quite figured out the whole Sudo with a certificate yet, so I do not mess with it.
Be sure to check the boxes for SSH key collection and Trust remote shells orthe SSH session will fail.
As for the windows options; Domain is for a server using creds in ActiveDirectory. Workgroup I do not have any good explanation for. Servers that are stand alone, I use Windows Individual Host and whatever creds are local to the server and they work fine.
Application is for web app scanning as I understand it. I could be wrong
I hope that helps