Install
- apt update
- apt install gvm
setup
Finish
...
md main: DEBUG:6750:2016-08-15 17h32.43 CEST: sql_open: db open, max retry sleep time is 0
Rebuilding NVT cache... done.
User created with password '4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2'.
start
stop
letsencrypt
- apt install certbot
- certbot certonly --standalone -d $(hostname)
pre and post stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/pre/stuff
- echo 'systemctl stop greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/pre/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/pre/stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/post/stuff
- echo 'systemctl start greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/post/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/post/stuff
change gsad settings
- /etc/systemd/system/greenbone-security-assistant.service
[Unit]
Description=Greenbone Security Assistant (gsad)
Documentation=man:gsad(8) https://www.greenbone.net
After=network.target
After=gvmd.service
[Service]
Type=forking
#User=_gvm
#Group=_gvm
User=root
Group=root
ExecStart=/usr/sbin/gsad --mlisten=127.0.0.1 --mport=9390 --no-redirect --listen=0.0.0.0 --port=443 --ssl-private-key=/etc/letsencrypt/live/scanner.tuxmen.de/privkey.pem --ssl-certificate=/etc/letsencrypt/live/scanner.tuxmen.de/cert.pem
Restart=always
TimeoutStopSec=10
[Install]
WantedBy=multi-user.target
Alias=gsad.service
change gvmd settings
[Unit]
Description=Open Vulnerability Assessment System Manager Daemon
Documentation=man:gvmd(8) https://www.greenbone.net
Wants=postgresql.service ospd-openvas.service
After=postgresql.service ospd-openvas.service
[Service]
Type=forking
PIDFile=/run/gvm/gvmd.pid
User=_gvm
Group=_gvm
RuntimeDirectory=gvm
RuntimeDirectoryMode=2775
ExecStart=/usr/sbin/gvmd -a 0.0.0.0 -p 9390
ExecReload=/bin/kill -HUP $MAINPID
# Kill the main process with SIGTERM and after TimeoutStopSec (defaults to
# 1m30) kill remaining processes with SIGKILL
KillMode=mixed
[Install]
WantedBy=multi-user.target
dameon reload
- systemctl daemon-reload
- gvm-stop
- gvm-start
- gvm-check-setup --server
Check Listing
- netstat -lntp | egrep "gsad|gvmd"
tcp 0 0 0.0.0.0:9390 0.0.0.0:* LISTEN 7035/gvmd: Waiting
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 7202/gsad
Login
- URL: https://<FQDN>
- USR: admin
- PWD: 4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2
Updates
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
0 0 * * * _gvm greenbone-nvt-sync
15 0 * * * _gvm greenbone-certdata-sync
30 0 * * * _gvm greenbone-scapdata-sync