deraison at nessus
Sep 13, 2002, 7:57 AM
Post #7 of 8
On Fri, Sep 13, 2002 at 07:22:24AM -0400, David Lodge wrote:
> > > Is there a reason why nessus users are designed like this?
> > No
> > We could easily write a nessus-passwd command from nessus-adduser.
> That's no problem -- and I could probably could one quite quickly
> (after all its only md5 hashes and its written in shell)...
> But, on the other side; would it be an idea to allow OS (ie PAM)
> authentication as a user option?
I don't really like it. The reason is that this way, anyone with a shell
will get the right to scan with Nessus.
What we could do though, would be to change nessus-adduser to allow the
use of pam as a method of authentication. This way, users _have_ to be
explicitely added, but password management is easy.