On Sun, Jan 12, 2003 at 12:33:58PM -0500, Doug Sax wrote: > My bad, not enough information. I did run nessus-adduser to add "root" > in the user database.
Well then, what type of authentication did you choose when you ran that script? And what do you see in the directory users/root/auth under your local state directory (probably /usr/local/var/nessus)? If you opted for password authentication, you should have a file called either passwd or hash. Do you? The former would hold the unencrypted password; the later the password encrypted using MD5. If instead you opted to use certificates, then you should have a file called dname and it should contain the distinguished name of the user (from his X509 certificate). Does that check out instead? Btw, if you opted to use certificates, keep in mind you need to set up your configuration files (nessusd.conf and .nessusrc) to use certificates as described in README_SSL in the nessus-core directory. Btw^2, you should also see a file called rules in that directory. It may be empty but must exist for the user to log in. > Your correct, I did mean "nessusd -L" and it > should list users existing in the user database. You did say you were running 1.2.7, right? While that option did exist once, at some point it was removed -- it's not mentioned in the man page that accompanies 1.2.7 nor does it appear in the source for that version. > I wanted to delete > "root" as a user and recreate him to see I would be able to login > successfully. nessus-rmuser can be used to remove a user from the Nessus user database. George -- [EMAIL PROTECTED]
msg03264/pgp00000.pgp
Description: PGP signature
