I’ve run the following commands (all suggested as fixes in other posts) in an attempt to reset the ‘admin’ password but I’m now unable to login via the UI. The output of gvm-check-setup is below.
How to fix? This appears to be a recurring issue in multiple posts on the same and no clear fix.
Additionally, I’ve restarted gsad and also rebooted in an attempt to resolve.
gvm-check-setup
gvm-check-setup 21.4.3
Test completeness and readiness of GVM-21.4.3
Step 1: Checking OpenVAS (Scanner)…
OK: OpenVAS Scanner is present in version 21.4.4.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 107229 NVTs.
Checking that the obsolete redis database has been removed
OK: No old Redis DB
OK: ospd-OpenVAS is present in version 21.4.4.
Step 2: Checking GVMD Manager …
OK: GVM Manager (gvmd) is present in version 21.4.5.
Step 3: Checking Certificates …
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data …
OK: SCAP data found in /var/lib/gvm/scap-data.
OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user …
OK: Postgresql version and default port are OK.
gvmd | _gvm | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) …
Oops, secure memory pool already initialized
OK: Greenbone Security Assistant is present in version 21.4.4.
Step 7: Checking if GVM services are up and running …
OK: ospd-openvas service is active.
OK: gvmd service is active.
OK: gsad service is active.
Step 8: Checking few other requirements…
OK: nmap is present in version 21.4.4.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
OK: xsltproc found.
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.
Hi, you need to look at /var/log/gvm/gvmd.log for possible errors while setting the password. Most likely there is an issue with the PostgeSQL database not catch by Kali’s gvm-check-setup script.
On Kali the following command should work if the setup is correct
The command will return an exit code of 0 if it was successful. To get the exit code just run echo $? directly after the sudo -E -u _gvm ... command. If it isn’t 0 there must be some error message in /var/log/gvm/gvmd.log afterwards.
There is a message in gvmd.log but it still fails after returning 0 following with “Login Failed. Invalid password or username” in both Chrome and FF. Thoughts?
Hi @alpha23, using the Preformatted text option in the forum, can you please paste the exact command that you are using in the terminal, as it appears in the terminal (for option 3, which is the way Kali handles it). If it was a copy and paste it can introduce unwanted characters at times. Thanks!
It does not work. Executed the following and returns with ‘Login failed. Invalid password or username’ when attempting to log in with the credentials in the command.
Unfortunately i’m not able to give detailed info on Kali as i’m not familiar with that Distro and the upgrading of it. But as it is Debian based you could cross-check via e.g.:
dpkg -l | grep gsad
if the required package version 21.4.4-1kali1 or later is installed.
After the package is installed it might be required that the gsad service is restarted (not sure if the upgrade routine of Kali is doing this on it’s own).
The version provided here doesn’t match the previously mentioned required version 21.4.4-1kali1 (note the different -0kali4 vs. -1kali4).
To receive advanced support for the Kali related question on how to get the correct / updated package i would suggest to open a topic over at https://forums.kali.org/
I updated kali yet again (did so yesterday), and now the gsad version is updated to 22.4.0-0kali1. However, gvmd will not start with the following log and running gvmd --migrate per below results in the error message below related to pg-gvm modules not installed. pg-gvm is installed per below. How do I migrate the database to start gvmd in order to test the password change?
LOG:
md main:MESSAGE:2023-01-14 04h51.27 utc:2227: Greenbone Vulnerability Manager version 22.4.0~dev1 (DB revision 250)
md manage:MESSAGE:2023-01-14 04h51.27 utc:2228: check_db_versions: database version of database: 242
md manage:MESSAGE:2023-01-14 04h51.27 utc:2228: check_db_versions: database version supported by manager: 250
md main:CRITICAL:2023-01-14 04h51.27 utc:2228: gvmd: database is wrong version
MIGRATE:
sudo -u _gvm gvmd --migrate
md manage-Message: 21:40:22.803: db_extension_available: Extension ‘pg-gvm’ is not available.
(gvmd:2139): md manage-WARNING **: 21:40:22.804: check_db_extensions: A required extension is not available.
(gvmd:2139): md manage-WARNING **: 21:40:22.804: init_manage_create_functions: failed to create functions