CIS-CAT Pro Assessor Command line usage -D
- Chris Boldiston
- Allan Cornwell
Product Name
CIS-CAT Pro Assessor v4
Product Version
n/a
Date
Jul 17, 2020
Background
Options may be used on the command line and will override properties set in the assessor-cli.properties file. Utilize the -D option together with a property=value pair on the command line when you want a single scan to override defaults set in the assessor-cli.properties file.
Problem
We have seen an issue when using the Miscellaneous Option of -D to assess PostgreSQL databases. The command line assessment may fail with this error;
-- [obj:26334500] sql57_object: No description provided................. Exception in thread "main" org.postgresql.util.PSQLException: The server requires password-based authentication, but no password was specified.
Solution
In this specific example, the property=value must be enclosed in quotes so that the full jdbc command is passed to CIS-CAT. For example;
-D "xccdf_org.cisecurity_value_jdbc.url=jdbc:postgresql://127.0.0.1:5432/ciscatdb?user=ciscat&password=ciscat"
Copyright © 2020 Center for Internet Security® Privacy Policy