Configuring Linux Operating System Public Key Authentication
To scan Linux operating systems by using secure public
key authentication, you must configure your JSA console
or managed host and the asset that you want to scan. When authentication
is configured you can do authenticated scanning by specifying a Linux
operating system user name, and not specifying a password. JSA supports both rsa
and dsa
for SSH key generation.
You must install a public and private key on a QVM scanner, and install the public key on the scan target.
A QVM scanner is automatically installed on a QVM processor host, and might also be installed on other managed hosts.
The user account on the scan target must have a login shell and must be capable of running the commands that are required for a patch scan on the target. For more information, see Enabling Permissions for Linux or UNIX Patch Scans.
This procedure describes how to configure a single public/private key pair and transfer them to a QVM scanner and scan target.
Create a scan profile in JSA Vulnerability Manager with user name of the user on the scan target without specifying a password and run a patch scan.