[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nessus
Subject:    Re: login failed due to certification
From:       George Theall <theall () tifaware ! com>
Date:       2004-11-20 1:29:24
Message-ID: 20041120012924.GB7074 () tifaware ! com
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


On Thu, Nov 18, 2004 at 07:59:12AM -0500, fariborz.saremi@gsa.gov wrote:

>    I recently installed Nessus 2.2 on Redhat 9. When trying to login to
>    the server portion and put in the root password, then I get a popup
>    regarding the certification verification, with "yes" and "no" option
>    to respond. Either gives me "login failed".

Have you run nessus-adduser to add the username with which you're
logging in? Check whether the directory
$localstatedir/nessus/users/$login exists. 

If you're trying to authenticate with a password, make sure that (1)
you're not requiring certificate-based authentication (this occurs if
you have "force_pubkey_auth = yes" in nessusd.conf) and (2) the password
either appears as plaintext in the file password or as an MD5 hash in
the file hash, both in $localstatedir/nessus/users/$login/auth. 

If instead you're trying to authenticate with a certificate, make sure
the user's certificate subject appears in the file dname in
$localstatedir/nessus/users/$login/auth.  [Note that there are some
issues with nessus-adduser and nessus-mkcert-client that arise with
certain combinations of OpenSSL and nessus that will require adjusting
the content of that file.] Also, make sure that the client config file
you're using points to the user's cert and private key as well as the
CA's cert. 

George
-- 
theall@tifaware.com

[Attachment #5 (application/pgp-signature)]

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[prev in list] [next in list] [prev in thread] [next in thread]