Any username/password combination that can be applied to a number of machines with administrator privileges can be pre-configured and stored in the Security Manager Plus database, these credentials are encrypted before storing them in the Security Manager Plus database. This credential will be used during scan to remotely login and identify the asset details, and perform various registry checks (in Windows) to identify related vulnerabilities and missing patches for the assets for which the scan is being performed.
Go to tab Admin » Manage » Credential Library
Click on the 'Add Credentials' button from here
Select the Windows radio button for configuring credentials for Windows systems or Linux radio button for Linux systems
For Credential Name provide a unique name & Description of your choice.
User Name, this user must have administrator privileges (Windows)
Provide the correct Password used to authenticate to the remote system
Retype Password to confirm.
For Linux Credentials, provide both the Super User (root user) as well as Normal User details
Click 'Save' button to add these details.
The newly added credentials will immediately appear in the 'Credential Details' section of the page.
You can delete the credentials, by clicking on the 'Delete' icon.
Public key-based authentication
SSH keys (specific to hosts) can be supplied to authenticate Linux hosts before scanning. This is optional to supplying credentials with password.
In order to use this functionality, under the Linux credentials --> Normal User Login Details, check the 'Public Key Authentication' check-box and provide the User Name and copy-and paste the SSH private key information in the Private Key text-area.
Note :
This feature is optional
It is supported for SSH2 (version 2) protocol only