SSH Auto-Discovery
Required User Role: Standard, Scan Manager, or Administrator
To configure SSH auto-discovery for Tenable Vulnerability Management or Tenable Nessus:
- Log in to your Tenable user interface.
- In the upper-left corner, click the button. The left navigation plane appears.
- In the left navigation plane, click Scans. The Scans page appears.
- In the upper-right corner of the page, click the Create a Scan button. The Select a Scan Template page appears.
- Select a scan template. The scan configuration page appears.
- In the Name box, type a name for the scan.
- In the Targets box, type an IP address, hostname, or range of IP addresses.
- (Optional) Add a description, folder location, scanner location, and specify target groups.
- Click the Credentials tab. The Credentials pane appears.
- In the Select a Credential menu, select the Host drop-down. The Host options appear.
- Select SSH. The Settings pane appears.
- In the Auth Type drop-down box, click Tenable for Delinea Secret Server. The Tenable for Delinea Secret Server options appear.
- Configure each option for the SSH authentication.

| Option | Description | Required |
|---|---|---|
| Delinea Host | The Delinea Secret Server host to pull the secrets from. | yes |
| Delinea Port | The Delinea Secret Server Port for API requests. By default, Tenable uses 443. | yes |
| Delinea Authentication Method | Indicates whether to use credentials or an API key for authentication. By default, credentials are selected. Available methods: Platform, Credentials, An API key. Note: By default, Credentials is selected. | yes |
| Delinea Login Name | The username to authenticate to the Delinea server. | Yes. Authentication Method: Credential |
| Delinea Password | The password to authenticate to the Delinea server. This is associated with the Delinea Login Name you provided. | Yes. Authentication Method: Credential |
| Delinea API key | The API key provided by Delinea Secret Server. | Yes. Authentication Method: An API Key |
| Delinea Platform Host | The Delinea Platform Host IP address or Domain name. | Yes. Authentication Method: Platform |
| Delinea Platform Port | The Delinea Platform Port for authentication requests. By default, Tenable uses 443. | Yes. Authentication Method: Platform |
| Delinea Service Account ID | The application account Delinea platform REST API | Yes. Authentication Method: Platform |
| Query Mode | Choose to query accounts using pre-set fields or by constructing a string of URL query parameters. By default, Simple is selected. | yes |
| Folder ID | Query accounts with the given folder ID. This option is only available if query mode is set to Simple. | no |
| Search Text | Query accounts matching the given search text. This option is only available if query mode is set to Simple. | no |
| Search Field | The field to search using the given search text. If not specified, the query will search the name field. This option is only available if query mode is set to Simple. | no |
| Exact Match | Perform an exact match against the search text. By default, this is unselected. This option is only available if query mode is set to Simple. | no |
| Query String | Provide a string of URL query parameters. This option is only available (and required) if the query mode is set to Advanced. | yes |
| Use Private Key | Use key-based authentication for SSH connections instead of password authentication. | no |
| Use SSL | Use SSL for secure communications. | yes |
| Verify SSL Certificate | Verify the Delinea Secret Server SSL certificate. | no |
| Delinea Elevate Privileges With / Privilege Escalation | The privilege escalation method to use to increase users' privileges after initial authentication. Multiple options for privilege escalation are supported, including su, su+sudo and sudo. Selecting a privilege escalation method provides options to configure an escalation query, similar to “query mode” and its related options. Complete these fields only if you use a different account for escalation than for the initial login (for example, “su”). | yes |

- Do one of the following:
  - If you want to save without launching the scan, click Save.
  - If you want to save and launch the scan immediately, click Save & Launch.
    Note: If you scheduled the scan to run at a later time, the Save & Launch option is not available.
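
The conditional "Required" rules in the options table are easy to get wrong when credentials are prepared outside the UI, so here is a pre-flight check as an added example (not Tenable's code). The dictionary keys and the method labels are hypothetical names chosen for this sketch, and the separate escalation-account query is not modeled.

```python
# Added example; keys are hypothetical names for the table's options, not Tenable API fields.
AUTH_REQUIRED = {
    "Credentials": ["delinea_login_name", "delinea_password"],
    "API Key": ["delinea_api_key"],
    "Platform": ["delinea_platform_host", "delinea_service_account_id"],
}
SIMPLE_ONLY = ["folder_id", "search_text", "search_field", "exact_match"]

def check_credential(cfg):
    """Return (errors, warnings) for one SSH credential settings dict."""
    errors, warnings = [], []
    def missing(key):
        return cfg.get(key) in (None, "", False)

    for key in ("delinea_host", "privilege_escalation"):  # always required
        if missing(key):
            errors.append(f"{key} is required")
    port = cfg.get("delinea_port", 443)  # table default
    if not isinstance(port, int) or not 1 <= port <= 65535:
        errors.append("delinea_port must be an integer in 1-65535")
    # Options that become required with the chosen authentication method.
    method = cfg.get("delinea_authentication_method", "Credentials")
    if method not in AUTH_REQUIRED:
        errors.append(f"unknown authentication method: {method!r}")
    for key in AUTH_REQUIRED.get(method, []):
        if missing(key):
            errors.append(f"{key} is required for method {method}")
    # Query Mode decides which query options apply.
    mode = cfg.get("query_mode", "Simple")
    if mode == "Advanced":
        if missing("query_string"):
            errors.append("query_string is required in Advanced mode")
        warnings += [f"{k} is only available in Simple mode"
                     for k in SIMPLE_ONLY if not missing(k)]
    elif mode != "Simple":
        errors.append(f"unknown query mode: {mode!r}")
    elif not missing("query_string"):
        warnings.append("query_string is only available in Advanced mode")
    # Transport: the secrets pulled from Secret Server cross this connection.
    if missing("use_ssl"):
        errors.append("use_ssl is required")
    if missing("verify_ssl_certificate"):
        warnings.append("verify_ssl_certificate is off: server identity is not checked")
    return errors, warnings

# Constructed sample: Advanced mode without a query string, and no login details.
SAMPLE = {"delinea_host": "vault.example.test", "privilege_escalation": "sudo",
          "query_mode": "Advanced", "search_text": "linux", "use_ssl": True}
if __name__ == "__main__":
    print(check_credential(SAMPLE))
```

Verify SSL Certificate is optional in the table, so the check reports it as a warning rather than an error; with it off, the certificate presented by the Secret Server host is not validated.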