I’m trying to run vulnerability tests on single file with openvas-nasl.
root@ip-172-31-4-70:/etc/openvas# openvas-nasl -p /var/lib/openvas/plugins/http_login.nasl
base gpgme-Message: 15:11:22.533: Setting GnuPG dir to ‘/etc/openvas/gnupg’
base gpgme-Message: 15:11:22.543: Using OpenPGP engine version ‘2.2.4’
Erroneous or missing signature for checksums file /var/lib/openvas/plugins/sha256sums No checksum for /var/lib/openvas/plugins/http_login.nasl
as described in openvas tutorial tips
so then I try to generate a key with gpg:
ubuntu@ip-172-31-4-70:/etc/openvas$ sudo gpg --full-generate-key --homedir=/etc/openvas/gnupg
gpg (GnuPG) 2.2.4; Copyright © 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: jackson
Email address: firstname.lastname@example.org
Comment: key for openvas
You selected this USER-ID:
“jackson (key for openvas) email@example.com”
Change (N)ame, ©omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
–> but this never exists. I waited for 30 minutes and nothing happened. What am I doing wrong here?