SSH Integration

To configure SSH integration:

  1. Log in to the Tenable user interface.
  2. Click Scans.

    The My Scans page appears.

  3. Click + New Scan.

    The Scan Templates page appears.

  4. Select a scan template.

    The scan configuration page appears.

  5. In the Name box, type a name for the scan.
  6. In the Targets box, type an IP address, hostname, or range of IP addresses.
  7. (Optional) Add a description, folder location, scanner location, and specify target groups.
  8. Click the Credentials tab.

    The Credentials options appear.

  9. In the Select a Credential menu, select the Host drop-down.
  10. Select SSH.

    The Senhasegura field options appear.

  11. Configure each field for SSH authentication.

    | Option | Description | Required |
    |---|---|---|
    | Senhasegura Host | The IP address or URL for the Senhasegura host. | yes |
    | Senhasegura Port | The port on which the Senhasegura API communicates. By default, Tenable uses 443. | yes |
    | Senhasegura API Client ID | The Client ID for the applicable Senhasegura A2A Application for OAuth 2.0 API authentication. | yes |
    | Senhasegura API Secret ID | The Secret ID for the applicable Senhasegura A2A Application for OAuth 2.0 API authentication. | yes |
    | Senhasegura Credential ID or Identifier | The credential ID or identifier for the credential that you are requesting to retrieve. | yes |
    | Use SSH Key for Target Authentication | The user can select this option to retrieve the SSH Key to authenticate to the target if the configuration is applicable in Senhasegura. | Required if authenticating to target with SSH Key. |
    | Private Key File | The private key used to decrypt encrypted sensitive data from A2A. Note: You can enable encryption of sensitive data in the A2A Application Authorizations. If enabled, you must provide a private key file in the scan credentials. This can be downloaded from the applicable A2A application in Senhasegura. | Required if you have enabled encryption of sensitive data in A2A Application Authorizations. |
    | Escalate Privileges with | Use the drop-down menu to select the privilege elevation method, or select Nothing to skip privilege elevation. Note: Tenable supports multiple options for privilege escalation, including su, su+sudo and sudo. For example, if you select sudo, more fields for sudo user, Escalation Account Name, and Location of su and sudo (directory) are provided and can be completed to support authentication and privilege escalation through Senhasegura. The Escalation Account Name field is then required to complete your privilege escalation. Note: For more information about supported privilege escalation types and their accompanying fields, see the Nessus User Guide, the Tenable Vulnerability Management User Guide, or the Tenable Security Center User Guide. | Required if you wish to escalate privileges. |
    | Escalation account credential ID or identifier | If the escalation account has a different username or password from the least privileged user, enter the credential ID or identifier for the escalation account credential here. | no |
    | HTTPS | This is enabled by default. | yes |
    | Verify SSL Certificate | This is disabled by default. | no |

  12. Click Save.
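
Added example (not part of the Tenable documentation): Verify SSL Certificate is disabled by default, so the certificate presented by the Senhasegura host is not validated unless you enable that option. The Python check below, run from the scanner host, confirms that a fully verified TLS handshake with the Senhasegura Host and Port succeeds before you turn verification on. The function name check_vault_tls and the optional CA bundle argument are assumptions of this example.

```python
import socket
import ssl


def check_vault_tls(host, port=443, cafile=None, timeout=5.0):
    """Try a fully verified TLS handshake with the vault API endpoint.

    Returns a dict with ok (bool) and reason (str); on success it also
    carries the certificate subject and expiry reported by the peer.
    """
    # create_default_context() turns on chain validation and hostname checks.
    # cafile (assumption of this example) is a PEM bundle for a private CA,
    # needed when the vault certificate is not issued by a system-trusted CA.
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
    except ssl.SSLCertVerificationError as exc:
        # Chain, validity period or hostname check failed: a scan with
        # verification enabled would fail until the certificate is fixed.
        return {"ok": False, "reason": f"certificate rejected: {exc.verify_message}"}
    except OSError as exc:  # refused, timed out, DNS failure, other TLS errors
        return {"ok": False, "reason": f"connection failed: {exc}"}
    return {
        "ok": True,
        "reason": "certificate chain and hostname verified",
        "subject": dict(rdn[0] for rdn in cert.get("subject", ())),
        "not_after": cert.get("notAfter"),
    }


if __name__ == "__main__":
    import sys

    # Usage: python check_vault_tls.py <host> [port] [ca_bundle.pem]
    host = sys.argv[1]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    cafile = sys.argv[3] if len(sys.argv) > 3 else None
    result = check_vault_tls(host, port, cafile)
    print(result)
    sys.exit(0 if result["ok"] else 1)
```

A "certificate rejected" result usually means the scanner does not trust the issuing CA or the name in Senhasegura Host does not match the certificate; resolve that first, then enable Verify SSL Certificate.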