Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: login failed due to certification

from [George Theall] Network Security [Permanent Link]
Subject: Re: login failed due to certification
Date: Fri, 19 Nov 2004 20:29:24 -0500 
On Thu, Nov 18, 2004 at 07:59:12AM -0500, fariborz.saremi@gsa.gov wrote:


   I recently installed Nessus 2.2 on Redhat 9. When trying to login to
   the server portion and put in the root password, then I get a popup
   regarding the certification verification, with "yes" and "no" option
   to respond. Either gives me "login failed".


Have you run nessus-adduser to add the username with which you're
logging in? Check whether the directory
$localstatedir/nessus/users/$login exists. 

If you're trying to authenticate with a password, make sure that (1)
you're not requiring certificate-based authentication (this occurs if
you have "force_pubkey_auth = yes" in nessusd.conf) and (2) the password
either appears as plaintext in the file password or as an MD5 hash in
the file hash, both in $localstatedir/nessus/users/$login/auth. 

If instead you're trying to authenticate with a certificate, make sure
the user's certificate subject appears in the file dname in
$localstatedir/nessus/users/$login/auth.  [Note that there are some
issues with nessus-adduser and nessus-mkcert-client that arise with
certain combinations of OpenSSL and nessus that will require adjusting
the content of that file.] Also, make sure that the client config file
you're using points to the user's cert and private key as well as the
CA's cert. 

George
-- 
theall@tifaware.com

Attachment: pgp19zq1m6Gln.pgp
Description: PGP signature

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: bind() failed : Cannot assign requested address ??, George Theall
Next by Date:  RE: bind() failed : Cannot assign requested address ??, Brennon Williams
Previous by Thread:  login failed due to certification, fariborz . saremi
Next by Thread:  Installation Help, Rich Lichvar
Indexes:  [Date] [Thread] [Top] [All Lists]