Configure credential settings

Set up Assets Discovery

On this page

In this section

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

The Credentials tab allows you to specify the credentials to be used in accessing devices on your network. If your devices are protected with any credentials, you will have to add these for Assets Discovery to function. 

We recommend that you have a few credentials for Windows and Linux systems or a specified user for the discovery job. All credential information will be stored in the file (credentialstore) and encrypted with AES256. For the encryption, Discovery uses <YourPassword>+<PrivateSalt>+<LocalHostInformation>.

To add a set of credentials

You can add multiple credentials for Assets Discovery to execute. This could be useful if you need different credentials for different devices, or if you want to use different credential sets with different scan settings.

If multiple credentials are available, Assets Discovery tries one after the other until a successful connection is established. This information will be saved for the machine and the next time, this credential is used first.

To add a set of credentials, select the + button at top.

To delete a set of credentials, select the x button at top and then in the Delete Credential screen, select Yes.

To test a set of credentials

Once you have configured a set of credentials, you can test the scan without running a full execution of Assets Discovery. You must input the IP address containing the device to test the credentials against.

  1. Select Test.
  2. Enter an IP address to test the credentials against and select Test.
  3. If the test is successful, Connection successful is displayed.
    If the connection is refused, you will see the message Cannot connect with credentials.

To configure a set of credentials

You can configure the below settings for the preferred set of credentials from the page. Each unique set of credentials is identified with a hash at top, such as 1b8da2ee-ec-15-4d99-8bdc-baadc2653df.

SettingDescription

Scan setting

If desired, you can select a specific scan setting to run with this set of credentials. Select a specific scan setting, or select All to run these credentials against all scan settings. More about scan settings

If you configure a scan setting ID, only these credentials will be used for the scan setting, all others will be ignored.

Type

Refer to the table below.

Login

Enter the login name of the user for this authentication.

Password

Enter the password of the user for this authentication.

Description

Enter a description for these credentials.

Usage

Shows how many times these credentials have been tried and how many times they have succeeded.

Lock

Select the lock icon at the lower-right corner of the Credentials box to lock or unlock changes to these settings.

Configuring the type of system

  • Basic credentials can be used to connect to Windows, Linux server, and vSphere ESXi-Server (on Windows).
  • On Linux server, you can also use RSA private key authentication.

You can select which type of system these credentials are to be used with. Depending on which type of system you select, you may have to enter further information about passwords and protocols. Possible selections include:

OptionDescription

Windows

Use with (WMI*) systems.

SSH

Use with Linux systems.

SSH_RSA

Use with systems where an RSA key is required. The following information should be provided:

  • Login - Enter the Login-Name of the User that is used for the authentication.

  • sudo Password - Enter the Password that will be used for sudo commands

  • Passphrase - Enter the passphrase of the RSA private key

  • RSA File - Enter the local path to the RSA private key file of the User that is used for the authentication.

More about using RSA keys

SNMP_V1_V2

Use with SNMP version 1 and 2 systems. These do not include a user name, just a community string. The default read-only community string for many SNMP devices is public.

SNMP_V3

Use with SNMP version 3 systems. A Security User, Authentication password and protocol, and Privacy password and protocol are needed.

  1. Security user - enter the user name that is used for the authentication.
  2. Authentication password and protocol - enter the authentication password and choose the protocol type that is used for the device(s):
    1. MD5
    2. SHA 1
  3. Privacy password and protocol - enter the privacy password and choose the protocol type that is used for the content encryption:
    1. DES (Data Encryption Standard)
    2. AES128 (Advanced Encryption Standard 128 bit encryption)
    3. AES192 (Advanced Encryption Standard 192 bit encryption)
    4. AES256 (Advanced Encryption Standard 256 bit encryption)
    5. TripleDES (Triple Data Encryption Standard)
  4. Context Name - Enter Context Name that is used for the SNMP v3 authentication

Application

Application credentials can be used to replace the Login and Password in an Application Pattern, such as that used for Databases like MySQL, PostgreSQL, etc. In a pattern, you can use $$login$$ and $$password$$, these placeholders will be replaced at execution time. At the pattern, the <ApplicationName> needs to be matched with the entered Application in the credentials.

  1. Login - Enter the value that will be replaced in the application pattern
  2. Password - enter the value that will be replaced in the application pattern
  3. Application - select the application for that credentials


Last modified on May 21, 2024

Was this helpful?

Yes
No
Provide feedback about this article

In this section

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.