[Fed-Talk] Retina Scanning Problem
[Fed-Talk] Retina Scanning Problem
- Subject: [Fed-Talk] Retina Scanning Problem
- From: John Daly <email@hidden>
- Date: Tue, 23 Sep 2008 08:55:29 -0700
Greetings all,
Hopefully someone on this list will have some experience with this. To do our Certification and Accreditation scans, we are required to do a credentialed scan with eEye Retina. I have about 70 Macs, mostly 10.4.11. When Retina does the scan using the credentials I created, I get an error message: "SSH Local Access Not Available." The text says to check and make sure that ssh protocol 2 is enabled (it is) that the account is active (it is) and that it has admin access (it does.)
The IA department has a document which tells how to prepare for the scan, stating that it needs an account that can log in via ssh, that can run system_profile, that has a home directory that it can write to, and that it can read the /etc directory. I have logged in with ssh and verified all of these things are true, but I still get the error when Retina tries it.
Here's where it gets weird: This happens on 50-80% of the computers. But not the same computers each time. In other words, I can run a scan including a computer Mac1, and Retina will scan Mac1 with the credentials supplied. I can then re-run the scan, and Retina will not be able to scan with those same credentials.
Looking in the secure.log, here is the only clue I have as to why this might be happnening:
Sep 23 07:29:27 Mac1 sshd[5612]: Did not receive identification string from 172.17.xxx.xx
Sep 23 07:29:27 Mac1 sshd[5613]: Bad protocol version identification 'GET /? HTTP/1.0' from 172.17.xxx.xx
This message occurs only one time on the machines that work. It occurs multiple times on the machines that don't.
Any clues as to how to get Retina to scan my computers would be helpful.
thank you,
John
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden