Unable to access web interface

I am unable to access the web interface for GVM.

I installed GVM on an Ubuntu 23.04 virtual machine, with the openvas package. I ran sudo gvm-check-setup, and the command indicated that everything was OK.

I started GVM with sudo gvm-start, and still cannot access the web interface.

The only thing I have modified is gsad.service, to have it listen on and run --http-only (listening on and running with HTTPS doesn’t work, either).

When I go to http://MY_IP_ADDRESS:9392 in a browser, I receive a 404 page indicating that the URL was not found. The page title is Greenbone Security Assistant, so I know for sure the service is running and accessible. What else am I doing wrong?

I don’t think that the Ubuntu packages are actively maintained.

the last update to the package was in January of this year - but even still, the web interface should still work.

I tried to install GVM on a fully upgraded Ubuntu 22.04 VM and let it run while doing other tasks.
I won’t show the full install obviously, but here shows it’s installed:

sudo apt install openvas -y
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
openvas is already the newest version (21.4.3).
0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.

OK, everything should be installed…

$ sudo gvm-check-setup
gvm-check-setup 21.4.3
  Test completeness and readiness of GVM-21.4.3
Step 1: Checking OpenVAS (Scanner)... 
        ERROR: No OpenVAS Scanner found.
        FIX: Please install OpenVAS Scanner.

 ERROR: Your GVM-21.4.3 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

Yet, the gvm-check-setup does not recognize it.

Also, checking for the required systems services, several are missing:

systemctl list-units --type=service

gsad and notus-scanner were not installed. I suggest you can contact the Ubuntu package maintainer to discuss the issue.

that’s 22.04, not 23.04. gvm-check-setup says that my install is complete.

I tried on Ubuntu 23.04 and in fact, the outcome was different. However, the installation does not seem to be complete. The first time using gvm-check-setup it reported that CERT data had not synced.

Step 4: Checking data ... 
        OK: SCAP data found in /var/lib/gvm/scap-data.
        ERROR: CERT data are missing.
        FIX: Run the CERT synchronization script greenbone-feed-sync.
        sudo runuser -u _gvm -- greenbone-feed-sync --type CERT.

 ERROR: Your GVM-22.4.1 installation is not yet complete!

After that it complained that gsad was not configured correctly, which seems to be the issue you are having.

Step 7: Checking if GVM services are up and running ... 
       OK: ospd-openvas service is active.
       OK: gvmd service is active.
       Starting gsad service
       Waiting for gsad service
       ERROR: gsad service did not start.
       Please check journalctl -xe and /var/log/gvm/gsad.log

ERROR: Your GVM-22.4.1 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

Inspecting the gsad.log file, it seems gsad cannot find the private key for the SSL/TLS connection. YOu can check your own /var/log/gvm/gsad.log file to confirm the same error.

 Starting GSAD version 22.04.1~git
gsad main:CRITICAL:2023-08-23 20h35.04 utc:8852: main: Could not load private SSL key from /var/lib/gvm/private/CA/serverkey.pem: Failed to open file “/var/lib/gvm/private/CA/serverkey.pem”: No such file or directory
gsad main:WARNING:2023-08-23 20h35.04 utc:8853: main: `start_http_daemon` redirect failed!

The certificate is present in that location and has the owner and group _gvm and the permissions match those in the Kali Linux native installation. The gsad.serivce file also appears to be the same. However, it seems that GSAD cannot access the required files for SSL/TLS connection.

The function start_http_daemon() refers to the gsad.c file which essentially calls the MHD_start_daemon() a Microhttpd (MHD) library function, which is gsad’s web server. It seems that although the files are there and the permissions are correct, those files cannot be properly accessed.

The failure happens on line 2599 of gsad.c file when the g_file_get_contents() is unable to load the private key. However, I can’t immediately see why not, since its there and the permissions are correct, unless there is something like SELinux blocking access to the file.

OK, after a restart, seems the certificates can be accessed, but another error in gsad.log:

gsad main:CRITICAL:2023-08-23 22h19.39 utc:5109: main: start_https_daemon failed!
gsad main:WARNING:2023-08-23 22h19.39 utc:5110: main: start_http_daemon redirect failed !

This error is thrown from line 2530 in gsad.c which is a little higher up in main() funciton. Maybe the Ubuntu 23 MHD library version is different or not supported? The MHD library is installed via apt install libmicrohttpd-dev and so turning on debug logging for that package may help.

thank you, this is exactly the error I’m having. Very frustrating this package is broken. Would you recommend I install in a Kali VM? You can confirm it’s working there?

Well, it’s interesting to see that someone is working on a native Ubuntu 23 package.

Yes, I use the Kali native install on the official Kali VMs and can attest it works great. I have also installed it on VM installations such as Kali Purple.

The install method is the same as the one you are using for Ubuntu 23.04.

While this topic is already marked as solved one remark to this:

Unfortunately the output of that script (Note: This isn’t maintained by Greenbone) is not telling the truth. It seems the complete javascript package for the web interface is missing in Ubuntu as seen by the Package not available for the greenbone-security-assistant entry here:

That’s why the 404 is thrown, the mandatory javascript code is just not available :slightly_frowning_face:

Dear Team,

I’ve installed OpenVas in Ubuntu 22.04 and all service running successfully. But still I’m unable to access OpenVas web service.

Kindly advise.

Seeking urgent assistance.