sorry, I mean, although i change SSH port to something else like *60215*, the dry run command will result:
*oscap-ssh r <[email protected]>oot@target-ip 22 xccdf eval \* *--fetch-remote-resources \* *--datastream-id scap_org.open-scap_datastream_from_xccdf_ssg-rhel7-xccdf-1.2.xml \* *--xccdf-id scap_org.open-scap_cref_ssg-rhel7-xccdf-1.2.xml \* *--profile xccdf_org.ssgproject.content_profile_standard \* *--oval-results --results /tmp/xccdf-results.xml \* *--results-arf /tmp/arf.xml \* *--report /tmp/report.html \* */usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml* But I notice if I use port like 111 or 8000, it will correctly displayed, changing port to 50000 or 60000 will result above (port 22) On Fri, Sep 22, 2017 at 4:35 PM, DD Donny Lie <[email protected]> wrote: > If I use this in CentOS 7 terminal (removed --oval-results, --results-arf) > : > *oscap-ssh root@ip-address 60215 xccdf eval \* > *--fetch-remote-resources \* > *--datastream-id > scap_org.open-scap_datastream_from_xccdf_ssg-rhel7-xccdf-1.2.xml \* > *--xccdf-id scap_org.open-scap_cref_ssg-rhel7-xccdf-1.2.xml \* > *--profile xccdf_org.ssgproject.content_profile_standard \* > *--report /root/report-standard-via-clie.html \* > */usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml* > > *it is working,* > > > but same 'dry run' command above *USING* workbench will result: > *error* > *Failed to locate oscap on remote machine. Please, check that > openscap-scanner is installed on the remote machine.* > > and the workbench is loading very long while I click scan, > > > > and 'dry run' will result in clipboard below (which maybe you guys should > fix it): > *oscap-ssh [email protected] <[email protected]> 22 xccdf eval \* > *--fetch-remote-resources \* > *--datastream-id > scap_org.open-scap_datastream_from_xccdf_ssg-rhel7-xccdf-1.2.xml \* > *--xccdf-id scap_org.open-scap_cref_ssg-rhel7-xccdf-1.2.xml \* > *--profile xccdf_org.ssgproject.content_profile_standard \* > *--oval-results --results /tmp/xccdf-results.xml \* > *--results-arf /tmp/arf.xml \* > *--report /tmp/report.html \* > */usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml* > > > On Fri, Sep 22, 2017 at 3:21 PM, DD Donny Lie <[email protected]> wrote: > >> *From CentOS 7 (scap workbench) * >> *to target (CentOS 7) installed latest openscap-scanner* >> *the target is VM guest under ESXi 5.5,* >> >> >> 15:02:25 >> info >> SCAP Workbench 1.1.4, compiled with Qt 4.8.5, using OpenSCAP 1.2.14 >> >> 15:02:54 >> info >> Opened file '/usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml'. >> >> 15:04:08 >> info >> Establishing connecting to remote target... >> >> 15:04:18 >> info >> Connection established. >> >> 15:04:18 >> info >> Checking if oscap is available on remote machine... >> >> 15:08:19 >> error >> Failed to locate oscap on remote machine. Please, check that >> openscap-scanner is installed on the remote machine. >> >> >> *Am I missing something? this should be pretty basic right, but its not >> working?* >> >> >> On Fri, Sep 22, 2017 at 2:49 PM, DD Donny Lie <[email protected]> wrote: >> >>> *Target Machine:* >>> >>> oscap -V >>> OpenSCAP command line tool (oscap) 1.2.14 >>> Copyright 2009--2017 Red Hat Inc., Durham, North Carolina. >>> >>> ==== Supported specifications ==== >>> XCCDF Version: 1.2 >>> OVAL Version: 5.11.1 >>> CPE Version: 2.3 >>> CVSS Version: 2.0 >>> CVE Version: 2.0 >>> Asset Identification Version: 1.1 >>> Asset Reporting Format Version: 1.1 >>> >>> ==== Capabilities added by auto-loaded plugins ==== >>> No plugins have been auto-loaded... >>> >>> ==== Paths ==== >>> Schema files: /usr/share/openscap/schemas >>> Default CPE files: /usr/share/openscap/cpe >>> Probes: /usr/libexec/openscap >>> >>> >>> On Thu, Sep 21, 2017 at 8:29 PM, DD Donny Lie <[email protected]> wrote: >>> >>>> *Here you go my detail:* >>>> Target machine: CentOS 7 (installed openscap-scanner) >>>> scap-workbench: RHEL 7 >>>> connect via internet >>>> >>>> root@target-ip at port 60215 >>>> port forwarding to 22 >>>> >>>> *Diganostics says:* >>>> >>>> 19:47:55 >>>> info >>>> SCAP Workbench 1.1.4, compiled with Qt 4.8.5, using OpenSCAP 1.2.14 >>>> >>>> 19:48:00 >>>> info >>>> Opened file '/usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml'. >>>> >>>> 19:48:37 >>>> info >>>> Establishing connecting to remote target... >>>> >>>> 19:48:46 >>>> info >>>> Connection established. >>>> >>>> 19:48:46 >>>> info >>>> Checking if oscap is available on remote machine... >>>> >>>> 19:48:47 >>>> error >>>> *Failed to locate oscap on remote machine. Please, check that >>>> openscap-scanner is installed on the remote machine.* >>>> >>>> *Thanks,* >>>> *Donny Lie* >>>> >>>> >>>> On Thu, Sep 21, 2017 at 7:44 PM, DD Donny Lie <[email protected]> >>>> wrote: >>>> >>>>> Hello, >>>>> I have a CentOS 7 with installed openscap-scanner >>>>> and I use scap-workbench from my laptop with VM RHEL 7, trying to >>>>> remote scan the CentOS 7, >>>>> >>>>> It succeed login via SSH but Diagnostics says: >>>>> >>>>> *error * >>>>> *Failed to locate oscap on remote machine. Please, check that >>>>> openscap-scanner is installed on the remote machine.* >>>>> >>>>> Am I missing something? >>>>> >>>>> -- >>>>> >>>>> *Donny Lie* >>>>> >>>>> >>>> >>> >> >
_______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
