"Ninan, Anil" <[EMAIL PROTECTED]> writes: > Since users can give the userid and password to others > what will be the best way to authenticate? Client certificate?
Well, if they can give their password, they can give their certificate too. > Where can I find the steps to create and activate a client > certificate? nessus-mkcert-client > I created a certificate using nessus-mkcert but how do I limit it to > a particular client ip address? You cannot, we did not implemented this kind of this. (BTW, nessus-mkcert is for the server) > Do I just copy the certificate created by nessus-mkcert to the > client machine for NessusWX to use? *Not* the server certificate! -- mailto:arboi@;bigfoot.com GPG Public keys: http://michel.arboi.free.fr/pubkey.txt http://michel.arboi.free.fr/ http://arboi.da.ru/ FAQNOPI de fr.comp.securite : http://faqnopi.da.ru/ - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
