GVM Installation: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Zeile 49: | Zeile 49: | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
Alias=gsad.service | Alias=gsad.service | ||
+ | </pre> | ||
+ | =change gvmd settings= | ||
+ | <pre> | ||
+ | [Unit] | ||
+ | Description=Open Vulnerability Assessment System Manager Daemon | ||
+ | Documentation=man:gvmd(8) https://www.greenbone.net | ||
+ | Wants=postgresql.service ospd-openvas.service | ||
+ | After=postgresql.service ospd-openvas.service | ||
+ | |||
+ | [Service] | ||
+ | Type=forking | ||
+ | PIDFile=/run/gvm/gvmd.pid | ||
+ | User=_gvm | ||
+ | Group=_gvm | ||
+ | RuntimeDirectory=gvm | ||
+ | RuntimeDirectoryMode=2775 | ||
+ | #ExecStart=/usr/sbin/gvmd --osp-vt-update=/run/ospd/ospd.sock | ||
+ | ExecStart=/usr/sbin/gvmd -a 0.0.0.0 -p 9390 | ||
+ | ExecReload=/bin/kill -HUP $MAINPID | ||
+ | # Kill the main process with SIGTERM and after TimeoutStopSec (defaults to | ||
+ | # 1m30) kill remaining processes with SIGKILL | ||
+ | KillMode=mixed | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | |||
</pre> | </pre> | ||
Version vom 21. September 2020, 13:15 Uhr
Install
- apt update
- apt install gvm
setup
- gvm-setup
start
- gvm-start
Finish
... md main: DEBUG:6750:2016-08-15 17h32.43 CEST: sql_open: db open, max retry sleep time is 0 Rebuilding NVT cache... done. User created with password '4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2'.
stop
- gvm-stop
letsencrypt
- apt install certbot
- certbot certonly --standalone -d <FQDN>
pre and post stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/pre/stuff
- echo 'systemctl stop greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/pre/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/pre/stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/post/stuff
- echo 'systemctl start greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/post/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/post/stuff
change gsad settings
- /etc/systemd/systemd/greenbone-security-assistant.service
[Unit] Description=Greenbone Security Assistant (gsad) Documentation=man:gsad(8) https://www.greenbone.net After=network.target Wants=gvmd.service [Service] Type=forking #User=_gvm #Group=_gvm User=root Group=root ExecStart=/usr/sbin/gsad --mlisten=127.0.0.1 --mport=9390 --no-redirect --listen=0.0.0.0 --port=443 --ssl-private-key=/etc/letsencrypt/live/scanner.tuxmen.de/privkey.pem --ssl-certificate=/etc/letsencrypt/live/scanner.tuxmen.de/cert.pem Restart=always TimeoutStopSec=10 [Install] WantedBy=multi-user.target Alias=gsad.service
change gvmd settings
[Unit] Description=Open Vulnerability Assessment System Manager Daemon Documentation=man:gvmd(8) https://www.greenbone.net Wants=postgresql.service ospd-openvas.service After=postgresql.service ospd-openvas.service [Service] Type=forking PIDFile=/run/gvm/gvmd.pid User=_gvm Group=_gvm RuntimeDirectory=gvm RuntimeDirectoryMode=2775 #ExecStart=/usr/sbin/gvmd --osp-vt-update=/run/ospd/ospd.sock ExecStart=/usr/sbin/gvmd -a 0.0.0.0 -p 9390 ExecReload=/bin/kill -HUP $MAINPID # Kill the main process with SIGTERM and after TimeoutStopSec (defaults to # 1m30) kill remaining processes with SIGKILL KillMode=mixed [Install] WantedBy=multi-user.target
dameon reload
- systemctl daemon-reload
- gvm-stop
- gvm-start
- gvm-check-setup --server
Check Listing
- netstat -lntp | grep gsad
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 4204/gsad
Login
- URL: https://<FQDN>
- USR: admin
- PWD: 4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2