Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Product Name

CIS-CAT Pro Assessor v4

Product Version

All

Date



Problem

Info

What are the steps needed to setup ssh keys for CIS-CAT remote assessment?

Solution

CIS-CAT Ubuntu server (as user cis);

  1.  Generate rsa key in PEM format (no passphrase) ssh-keygen -t rsa -m PEM

  2.  Copy key to target system ssh-copy-id cis@3.133.121.21

  3.  Configure sessions.properties

session.2.type=ssh

session.2.host=3.133.121.21

session.2.user=cis

session.2.identity=/home/cis/.ssh/id_rsa

session.2.port=22

session.2.tmp=/var/tmp 

Target Ubuntu server (3.133.121.21)

  1.  Add user cis as member of

sudoers
  1. wheel group sudo usermod -aG

sudo
  1. wheel cis

  2. Edit /etc/sudoers and

add
  1. uncomment this line so user cis will NOT be prompted for a password when sudoing;

cis %wheel        ALL=(rootALL) NOPASSWD:       ALL

 Test connection from CIS-CAT server to target

$ sudo ./Assessor-CLI.sh -test

------snip-------

Attempting to load the default sessions.properties, bundled with the application.

Obtaining session connection --> cis@3.133.121.21:22

Connection established.  Test Successful; Disconnecting.

Exit Code 0

Note

Note that this information is provided only for testing and validating key based ssh assessments. Please read the CIS-CAT documentation for more options.

Keywords;

Related Content

by Label

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel = "sbp_ferssh"

Copyright © 2020

Center for Internet Security®


Page Properties
hiddentrue

Action

Name(s)

Date

Linked ticket

Created by

Reviewed by

Approved by

Remove by