SSH Key Target Authentication: HashiCorp Vault

Summary

Tenable is announcing the release of updated functionality in regards to credential fetching in our HashiCorp Vault Integration. We have updated this integration to retrieve an SSH key for target authentication. This will expand functionality and usability for our customer’s use cases.

Scope

When using HashiCorp, customers can now retrieve an SSH key stored as a secret in their HashiCorp Vault. The customer can specify the SSH key using the same “Password Key” field in the User Interface. Previously this would only work for password authentication. Additionally, passphrase protected SSH keys can be specified with the appropriate “Password Key” and “Passphrase Key” specified. 

Impact

There is no impact to existing scans. In Nessus and Tenable VM, a new Passphrase Key field will be present in credentials using HashiCorp Vault for SSH scans. Security Center will get the same field at a later date. If users encounter issues, please open a ticket with Technical Support.

Release Date

November 15th, 2024 - TVM, Nessus; TBD for Security Center.