Silly question - the nessus user authentication seems a bit last minute
to me, is this deliberate, or is it planned this way...
My issue is that I have a server which runs nessusd and has several
people connecting through via the various nessus clients, of course I'd
like to password these (allow flexibility etc)... nessus-adduser allows
me to assign a password but not change it -- or allow the users to
change their own passwords.
Is there a reason why nessus users are designed like this?
I have patched a test version of nessusd on my system to use PAM to
authenticate with the OS passwords (and will continue to do a cron like
allow-deny list) should I release this for the Nessus source?
thanks
dave
to me, is this deliberate, or is it planned this way...
My issue is that I have a server which runs nessusd and has several
people connecting through via the various nessus clients, of course I'd
like to password these (allow flexibility etc)... nessus-adduser allows
me to assign a password but not change it -- or allow the users to
change their own passwords.
Is there a reason why nessus users are designed like this?
I have patched a test version of nessusd on my system to use PAM to
authenticate with the OS passwords (and will continue to do a cron like
allow-deny list) should I release this for the Nessus source?
thanks
dave