login failed due to certification

[George Theall]

On Thu, Nov 18, 2004 at 07:59:12AM -0500, fariborz.saremi at gsa.gov wrote:

>    I recently installed Nessus 2.2 on Redhat 9. When trying to login to
>    the server portion and put in the root password, then I get a popup
>    regarding the certification verification, with "yes" and "no" option
>    to respond. Either gives me "login failed".

Have you run nessus-adduser to add the username with which you're
logging in? Check whether the directory
$localstatedir/nessus/users/$login exists. 

If you're trying to authenticate with a password, make sure that (1)
you're not requiring certificate-based authentication (this occurs if
you have "force_pubkey_auth = yes" in nessusd.conf) and (2) the password
either appears as plaintext in the file password or as an MD5 hash in
the file hash, both in $localstatedir/nessus/users/$login/auth. 

If instead you're trying to authenticate with a certificate, make sure
the user's certificate subject appears in the file dname in
$localstatedir/nessus/users/$login/auth.  [Note that there are some
issues with nessus-adduser and nessus-mkcert-client that arise with
certain combinations of OpenSSL and nessus that will require adjusting
the content of that file.] Also, make sure that the client config file
you're using points to the user's cert and private key as well as the
CA's cert. 

George
-- 
theall at tifaware.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.nessus.org/pipermail/nessus/attachments/20041119/de02e218/attachment.bin