On Mittwoch, 3. Dezember 2008, Felix Wolfsteller wrote:
> Change Request #20 is open for votes now.
>
> The idea in a nutshell:
> openvas-client should allow ssh login information
> a) to be managed more easily (graphically)
> b) to be selected on a per-host basis
> to simplifiy the process for local checks / SLAD.
>
> Greater detail at http://www.openvas.org/openvas-cr-20.html .
>
> Feel free to comment and vote.
in principle I vote +1 on this very helpful feature.
The iterative approach is good.
Note that the first step should not end up offering
all available key from ~/.ssh
We need a separate (OpenVAS-specific) store of these
data from the beginning. The second step should then
be to have a GUI to manage this store.
If OpenVAS-Client would directly access ~/.ssh one
could accidently send important private keys.
What also comes to my mind:
We need to fix up the problem that ssh_funcs needs
the public key to work properly. In fact, the public key
is not necessary and thus should not be part of the
sshcredentials.
Next: Are we going to support both uname+pw and
uname+key+pw? Or should we drop one of them?
Best
Jan
--
Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-devel mailing list
Openvas-devel@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
