WIP

future-architect · Apr 6, 2017 · 0075371 · 0075371
1 parent f64d3f8
commit 0075371
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/README.ja.md b/README.ja.md
@@ -352,6 +352,8 @@ Paste from the clipboard to ~/.ssh/.authorized_keys
 パスワードありのsudoはセキュリティ上の理由からサポート指定いないので、スキャンに必要なコマンドは、`NOPASSAWORD`として、remote host上の`etc/sudoers`に定義しておく。
 See [Usage: Configtest#Check /etc/sudoers](#check-etcsudoers)
 
+また、localhostのknown_hostsにremote hostのホストキーが登録されている必要があるので確認すること。
+
 ## Step4. Config
 
 - Localhost

diff --git a/README.md b/README.md
@@ -330,7 +330,7 @@ For details of dependent libraries, see [Dependencies on Target Servers](#depend
 ## Step3. Enable to SSH from Localhost
 
 Vuls doesn't support SSH password authentication. So you have to use SSH key-based authentication.  
-Create a keypair on the localhost then append public key to authorized_keys on the remote host.
+Create a keypair on the localhost then append public key to authorized_keys on the remote host.  
 
 - Localhost
 ```bash
@@ -348,8 +348,10 @@ $ vim ~/.ssh/authorized_keys
 ```
 Paste from the clipboard to ~/.ssh/.authorized_keys
 
-And also, SUDO with password is not supported for security reasons. So you have to define NOPASSWORD in /etc/sudoers on target servers.  
-See [Usage: Configtest#Check /etc/sudoers](https://github.com/future-architect/vuls#check-etcsudoers)
+SUDO with password is not supported for security reasons. So you have to define NOPASSWORD in /etc/sudoers on target servers.  
+See [Usage: Configtest#Check /etc/sudoers](#check-etcsudoers)
+
+And also, confirm that the host keys of scan target servers has been registered in the known_hosts of the Localhost.
 
 ## Step4. Config
 
@@ -652,12 +654,12 @@ You can customize your configuration using this template.
     - port: SSH Port number
     - user: SSH username
     - keyPath: SSH private key path
-    - cpeNames: see [Usage: Scan vulnerability of non-OS package](https://github.com/future-architect/vuls#usage-scan-vulnerability-of-non-os-package)
+    - cpeNames: see [Usage: Scan vulnerability of non-OS package](#usage-scan-vulnerability-of-non-os-package)
     - ignoreCves: CVE IDs that will not be reported. But output to JSON file.
     - optional: Add additional information to JSON report.
     - containers: see [Example: Scan containers (Docker/LXD)(#example-scan-containers-dockerlxd)
 
-    Vuls supports two types of SSH. One is external command. The other is native go implementation. For details, see [-ssh-native-insecure option](https://github.com/future-architect/vuls#-ssh-native-insecure-option)
+    Vuls supports two types of SSH. One is external command. The other is native go implementation. For details, see [-ssh-native-insecure option](#-ssh-native-insecure-option)
 
     Multiple SSH authentication methods are supported.  
     - SSH agent