Managing credentials for malware scanning
To add new credentials
- On the left, click Detection and reporting > Malware detection.
- On the Malware detection page, select Malware detection settings > Manage malware scanner host pools on the top-right corner to go to host pool list page.
- Select the desired scan host. Then click Actions > Manage hosts.
If the scan host connectivity type is Agentless host:
Select the desired host. Then click Actions > Manage credentials.
Select Add a new credential and click Next.
Add the details such as the Credential name, Tag, and Description.
On the Host credentials tab, add the Host username, Host password, SSH port, RSA key, and Share type.
To validate the SSH connection between the MSDP media server and the host, run the following command:
ssh username@remote_host_name
To verify the RSA key for a remote scan host, run the following command:
ssh-keyscan scan_host_name 2>/dev/null | grep ssh-rsa
To obtain the RSA key for the scan host, use the following command. Use the command from any Linux host with SSH connectivity to the scan host (this host can be the scan host itself):
ssh-keyscan scan_host_name 2>/dev/null | grep ssh-rsa | awk '{print $3}' | base64 -d | sha256sum
For example, the output is 33f697637ab3f0911c1d462d4bde8be3eec61a33403e8f6a88daecb415a31eef - where the RSA key is 33f697637ab3f0911c1d462d4bde8be3eec61a33403e8f6a88daecb415a31eef
Note:
Ensure that you remove the
-character from the RSA key when you copy.The following host key algorithms are used to connect to scan host in the given order:
rsa-sha2-512, rsa-sha2-256, ssh-rsa
- If the scan host connectivity type is NetBackup client:
Select the desired host. Then click Actions > Manage credentials.
Select Add a new credential and click Next.
To add existing credentials
- On the left, click Detection and reporting > Malware detection.
- On the Malware detection page, select Malware detection settings > Manage malware scanner host pools on the top-right corner to go to host pool list page.
- Select the desired scan host pool. Then click Actions > Manage hosts.
- Select the desired host and click Actions > Manage credentials.
- Select Select existing credential.
- Select the desired credential and click Select.
To validate the scan host credentials
(Applicable only if the scan host connectivity type is Agentless host)
- On left, click Detection and reporting > Malware detection.
- On the Malware detection page, select Malware detection settings > Manage malware scanner host pools on the top-right corner to go to host pool list page.
- On the Malware scanner host pools page, click Add to add a new host pool.
The Add scanner host pool page appears.
- After you provide the credentials for the scan host on the Add scanner host pool page, search for and select the media server.
Note:
Only SSH credentials are validated by connecting to scan host from the selected media server. The media server must be a Linux media server with NetBackup version 10.3 or later.
- Click Validate credential.
- After the credentials are successfully validated, click Save.