Ubuntu and GSA installation

WebGreg · September 8, 2022, 12:21pm

Hi.

I am totally new to openvas and a total beginner to Linux. And my language skills aren’t good. Briefly writing - a drama. But I am trying to install and get to know this software.

System: Ubuntu 22.04.1 LTS

What have I done so far?

apt-get update && apt-get upgrade -y
apt install openvas
gvm-setup
gvm-check-setup

The result:

  Test completeness and readiness of GVM-21.4.3
Step 1: Checking OpenVAS (Scanner)...
        OK: OpenVAS Scanner is present in version 21.4.3.
        OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
        OK: _gvm owns all files in /var/lib/openvas/gnupg
        OK: redis-server is present.
        OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.
        OK: _gvm owns all files in /var/lib/openvas/plugins
        OK: NVT collection in /var/lib/openvas/plugins contains 103287 NVTs.
Checking that the obsolete redis database has been removed
        OK: No old Redis DB
        OK: ospd-OpenVAS is present in version 21.4.3.
Step 2: Checking GVMD Manager ...
        OK: GVM Manager (gvmd) is present in version 21.4.4.
Step 3: Checking Certificates ...
        OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
        OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data ...
        OK: SCAP data found in /var/lib/gvm/scap-data.
        OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user ...
        OK: Postgresql version and default port are OK.
 gvmd      | _gvm     | UTF8     | pl_PL.UTF-8 | pl_PL.UTF-8 |
        OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) ...
        ERROR: No Greenbone Security Assistant (gsad) found.
        FIX: Please install Greenbone Security Assistant.

 ERROR: Your GVM-21.4.3 installation is not yet complete!

Before that, I had a problem with the scanner. Libraries were missing - after adding them, checking is better. But I don’t know how to install this GSA.

I tried with the https://github.com/greenbone/gsa but it failed - I don’t understand this information.

I downloaded manually:

sudo wget https://github.com/greenbone/gsa/archive/refs/tags/v22.4.0.tar.gz
sudo tar -xzvf v22.4.0.tar.gz

Then I copied this to: /usr/share/gvm/gsad/web/
But no change

I tried with: apt-get install greenbone-security-assistant
and: “package or is not available from currently set sources”

Eero · September 8, 2022, 3:07pm

@WebGreg I think package name is gvm, not openvas.

Just install latest ubuntu and run apt install -y gvm and then
gvm-setup
gvm-check-setup

…

Eero

y0urself · September 8, 2022, 7:31pm

Hi @WebGreg !

Welcome to our community!

If you are not experienced with Linux and stuff, you may want to try out our easy-to-install, easy-to-use docker containers? You can find a link to the documentation here: Greenbone Community Containers 22.4 - Greenbone Community Documentation

WebGreg · September 9, 2022, 6:29am

Hi @Eero. I’m sorry, I skipped this step, but I did it (without it, the check would probably not start at all).

gvm is already the newest version (21.4.3)

I also tried with:

sudo add-apt-repository ppa: mrazavi / openvas

but:

https://ppa.launchpadcontent.net/mrazavi/openvas/ubuntu jammy Release
  404  Not Found [IP: 185.125.190.52 443]

Hi @y0urself

I tried this, but I can’t get through the “Docker Compose File”.

user@gvm:/usr/local/bin$ docker compose version
Docker Compose version v2.6.0
user@gvm:~/greenbone-community-container$ cd $DOWNLOAD_DIR && curl -f -L https://greenbone.github.io/docs/latest/_static/docker-compose-22.4.yml -o docker-compose.yml
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  4248  100  4248    0     0  30862      0 --:--:-- --:--:-- --:--:-- 31007
user@gvm:~/greenbone-community-container$ docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition pull
/usr/local/bin/docker-compose: line 1: Not: command not found
user@gvm:~/greenbone-community-container$ docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition up -d
/usr/local/bin/docker-compose: line 1: Not: command not found

Edit: Maybe it was problem with Ubuntu version. Too many missing package messages. I went back to version 20.04 and it looks like it installs more smoothly. I’ll let you know when it ends.

cfi · September 9, 2022, 8:32am

About the initial question on the missing GSA:

Looks like the gvm package (which is getting pulled in when installing the openvas package) on Ubuntu 22.04 is depending on a non-existent greenbone-security-assistant package:

This means that you will never get a working GSA installation by just using the packages provided by Ubuntu 22.04 directly (only the upcoming Ubuntu kinetic seems to provide the Ubuntu – Details of package gsad in kinetic replacement package) and not sure if you can compile the missing gsa and gsad on top of these manually.

Alternatives are:

Docker as suggested previously
Building the full GVM stack from source based on Building 22.4 from Source - Greenbone Community Documentation
Using the Greenbone Enterprise TRIAL from Greenbone Enterprise TRIAL - Greenbone Networks

Eero · September 9, 2022, 9:05am

@cfi @WebGreg It might be wise just test with latest ubuntu.

I think it just works…

Eero

WebGreg · September 10, 2022, 2:18pm

Hi @cfi

I installed Ubuntu 22.04 again and tried with the Building 22.4 from Source - Greenbone Community Documentation - looks like installed ok. However, the http and https://ip:9392 page does not open for me. Did I miss something?? Apache is running on the server.

openvas.log:
Updated NVT cache from version 0 to 202209091014

ospd-openvas.log:
INFO: (ospd_openvas.daemon) Finished loading VTs. The VT cache has been updated from version 0 to 202209091014.

Eero · September 11, 2022, 4:50pm

@WebGreg by default it listens only localhost? if I remember correctly.

Eero

WebGreg · September 12, 2022, 5:59am

Hi @Eero

OK. I edited the gsad.service file and the page opened, but default admin/admin doesn’t work

Eero · September 12, 2022, 6:02am

@WebGreg change admin password: Reset admin password

Eero

WebGreg · September 12, 2022, 6:07am

Works for me with

sudo -E -u gvm -g gvm gvmd --user=admin --new-password=admin

Thank You @Eero

OnnoZweers · September 14, 2022, 7:19am

Ubuntu 22.04 does not have the gsad package in its repos, it appears from this page: Ubuntu Manpage: gsad - Greenbone Security Assistant of the Greenbone Vulnerability Management

Ubuntu 20.04 and 22.10 (not released yet) seem to have it though. Haven’t tested it yet.

bricks · September 14, 2022, 12:45pm

It seems to be the packages for the Greenbone Community Edition aka GVM/OpenVAS are very broken and nearly useless. You could take a look at our docs (Greenbone Community Documentation) to build our software from source or use docker containers instead.

OnnoZweers · September 14, 2022, 2:54pm

I tried Ubuntu 20.04 and there the GVM/OpenVAS packages are broken too.

I’ve now installed Kali Linux and there the packages seem to work. There are also several guides on how to install and configure the packages. I only ran into a “failed to find config” error, which I could easily fix by running gvm-feed-update as suggested in troubleshooting - Greenbone/GVM (Kali Linux) scan config error message - Unix & Linux Stack Exchange

Now doing my first scans.

bricks · February 17, 2023, 4:11pm

A post was split to a new topic: Build from source URL not found