When I try to assess VMware ESXi with Assessor 4.x.x, I am getting an error "An error occurred creating the session for UserID@my ip"


Product Name

CIS-CAT Pro Assessor

Product Version

v4

Date

Nov 16, 2021



 

Problem

I am trying to run an assessment on a ESXi Host - we are able to connect to the ESXi host and testing the connection works. However, the scan fails with the error "An error occurred creating the session for xxx@x.x.x.x:22. Ensure all session configuration information is correct."

 

It is important to note that the Session type should be local even though the connection will not physically be local.

Solution

Please first make sure you are using the following ESXi connection string formatting: root/password@IPAddress There are also limitations to how you can format the actual password itself, please refer to this support article: Cannot connect to ESXi Target for Assessment

  1. If you’re using a sessions.properties file via the command line or GUI, you will need to modify the sessions.properties file from a SSH connection type to a local session type. Please refer to this section of the user guide: “It is required to utilize a local "session" type for the configuration assessment.

    # ------------------------------------ # # Local Connection # # ------------------------------------ # #session.default.type=local #session.default.tmp=C:\\Temp

     

  2. f you’re using a custom assessor-config.xml via the command line or GUI, you will need to modify the file to use the local Connection type and not the SSH connection

    <!-- ****************************************************************************** A "connection" for a local, host-based assessment ****************************************************************************** --> <session id="local"> <type>local</type> <tmp_path>C:\Path\to\tmp</tmp_path> </session>

     

  3. If you’re using the interactive GUI to enter the information manually, select:

    1. Advanced Scan>

    2. Add remote or local target system>

    3. Target System Type: Local>

    4. Benchmark: ESXi vX>

    5. You will be prompted to enter your ESXi connection string

 

It is important to note that the Session type should be local even though the connection will not physically be local.

Keywords; ESXi

Content by Label


Copyright © 2020

Center for Internet Security®