Setting Up Credentials
Learn how to create and manage the credential sets Open-AudIT uses to authenticate with devices during network discovery.
On this page
Setting Up Credentials
Before Open-AudIT can audit a device it needs credentials to authenticate with it. You'll need to create credential sets for each type of device in your environment.
Supported Credential Types
| Type | Used For |
|---|---|
| SNMP v1/v2 | Network devices, printers, and any SNMP-enabled device |
| SNMP v3 | Same as above, with stronger security |
| SSH | Linux, macOS, Unix, AIX, HP-UX, Solaris, ESXi |
| SSH Key | Same as SSH but using a private key file |
| Windows (WMI) | Windows servers and workstations |
Creating a Credential Set
- Go to Menu → Discover → Credentials → Create Credentials
- Give the credential set a Name (e.g., "Linux Root SSH" or "Windows Admin")
- Choose an Organization and optionally add a description
- Select the Type from the dropdown — additional fields will appear based on your selection
- Fill in the relevant details (username, password, community string, etc.)
- Click Submit
Repeat this for each credential type you need. Open-AudIT will test each credential against each device during discovery and remember which ones worked for next time.
SSH Keys
If you're using key-based SSH authentication, paste the entire contents of your private key file into the SSH Key field — including the -----BEGIN RSA PRIVATE KEY----- header and footer lines.
Note
SSH key authentication is not currently supported on Windows-hosted Open-AudIT servers.
Importing Credentials in Bulk
If you have a lot of credentials to add, you can import them from a CSV file via Menu → Discover → Credentials → Import Multiple Credentials.
The CSV requires at minimum: name, org_id, type, and the relevant credential fields (e.g., credentials.community for SNMP, or credentials.username and credentials.password for SSH/Windows).
Example CSV:
"name","org_id","type","credentials.community","credentials.username","credentials.password"
"Public SNMP","1","snmp","public","",""
"My SSH","1","ssh","","my_user","my_password"
"Windows Creds","1","windows","","my_win_user@open-audit.com","my_win_password"
A Note on Security
Credential details are stored encrypted in the database. However, be aware that if you export credentials to CSV, XML, or JSON format, the actual decrypted values are included in the output. You can disable this behaviour by setting decrypt_credentials to n in the configuration.
How Open-AudIT Uses Credentials
When a discovery runs, Open-AudIT tests credentials in this order:
- Device-specific credentials (if the device has been seen before and has working credentials on record)
- All other credential sets, starting with those known to have worked previously
The first set that works is used for the full audit. This keeps discovery fast.