A two question head-scratcher:
"admin" has sudo-NOPASSWD permissions and an ssh key pair in place.
The scan works, but what do I need to change to get the results pulled back to
the server sending the command ?
Also, is there any way to push the oval file to the remote server being scanned
rather than it trying to reach out to redhat.com and failing ?
oscap-ssh --sudo [email protected] 22 \
xccdf eval --fetch-remote-resources \
--datastream-id
scap_org.open-scap_datastream_from_xccdf_ssg-rhel6-xccdf-1.2.xml \
--xccdf-id scap_org.open-scap_cref_ssg-rhel6-xccdf-1.2.xml \
--profile xccdf_org.ssgproject.content_profile_stig-rhel6-server-upstream \
--oval-results --results /tmp/xccdf-results.xml \
--results-arf /tmp/arf.xml \
--report /tmp/report.html \
/usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml
Starting the evaluation...
Downloading:
https://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_6.xml ...
error
WARNING: Skipping
https://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_6.xml file
which is referenced from XCCDF content
...
oscap exit code: 2
Copying back requested files...
scp: /tmp/tmp.7K11FjQr05/results.xml: Permission denied
Failed to copy the results file back to local machine!
[admin@jump-linux ~]$ ls -l /tmp/tmp.7K11FjQr05
total 21080
-rw-------. 1 admin admin 6926401 Jan 18 00:30 input.xml
-rw-------. 1 root root 2228430 Jan 18 00:33 report.html
-rw-------. 1 root root 10151542 Jan 18 00:33 results-arf.xml
-rw-------. 1 root root 2268318 Jan 18 00:33 results.xml
Dan White | [email protected]
------------------------------------------------
“Sometimes I think the surest sign that intelligent life exists elsewhere in the
universe is that none of it has tried to contact us.” (Bill Waterson: Calvin &
Hobbes)
_______________________________________________
Open-scap-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/open-scap-list
