GVM Installation: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Zeile 18: | Zeile 18: | ||
=letsencrypt= | =letsencrypt= | ||
*apt install certbot | *apt install certbot | ||
− | *certbot certonly --standalone -d | + | *certbot certonly --standalone -d $(hostname) |
==pre and post stuff== | ==pre and post stuff== | ||
*echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/pre/stuff | *echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/pre/stuff |
Version vom 3. März 2021, 21:32 Uhr
Install
- apt update
- apt install gvm
setup
- gvm-setup
Finish
... md main: DEBUG:6750:2016-08-15 17h32.43 CEST: sql_open: db open, max retry sleep time is 0 Rebuilding NVT cache... done. User created with password '4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2'.
start
- gvm-start
stop
- gvm-stop
letsencrypt
- apt install certbot
- certbot certonly --standalone -d $(hostname)
pre and post stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/pre/stuff
- echo 'systemctl stop greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/pre/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/pre/stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/post/stuff
- echo 'systemctl start greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/post/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/post/stuff
change gsad settings
- /etc/systemd/system/greenbone-security-assistant.service
[Unit] Description=Greenbone Security Assistant (gsad) Documentation=man:gsad(8) https://www.greenbone.net After=network.target After=gvmd.service [Service] Type=forking #User=_gvm #Group=_gvm User=root Group=root ExecStart=/usr/sbin/gsad --mlisten=127.0.0.1 --mport=9390 --no-redirect --listen=0.0.0.0 --port=443 --ssl-private-key=/etc/letsencrypt/live/scanner.tuxmen.de/privkey.pem --ssl-certificate=/etc/letsencrypt/live/scanner.tuxmen.de/cert.pem Restart=always TimeoutStopSec=10 [Install] WantedBy=multi-user.target Alias=gsad.service
change gvmd settings
[Unit] Description=Open Vulnerability Assessment System Manager Daemon Documentation=man:gvmd(8) https://www.greenbone.net Wants=postgresql.service ospd-openvas.service After=postgresql.service ospd-openvas.service [Service] Type=forking PIDFile=/run/gvm/gvmd.pid User=_gvm Group=_gvm RuntimeDirectory=gvm RuntimeDirectoryMode=2775 ExecStart=/usr/sbin/gvmd -a 0.0.0.0 -p 9390 ExecReload=/bin/kill -HUP $MAINPID # Kill the main process with SIGTERM and after TimeoutStopSec (defaults to # 1m30) kill remaining processes with SIGKILL KillMode=mixed [Install] WantedBy=multi-user.target
dameon reload
- systemctl daemon-reload
- gvm-stop
- gvm-start
- gvm-check-setup --server
Check Listing
- netstat -lntp | egrep "gsad|gvmd"
tcp 0 0 0.0.0.0:9390 0.0.0.0:* LISTEN 7035/gvmd: Waiting tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 7202/gsad
Login
- URL: https://<FQDN>
- USR: admin
- PWD: 4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2
Updates
- /etc/cron.d/greenbone
SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin 0 0 * * * _gvm greenbone-nvt-sync 15 0 * * * _gvm greenbone-certdata-sync 30 0 * * * _gvm greenbone-scapdata-sync