All HowTo's Cyber-Security Linux Redhat, Fedora and CentOS Linux Ubuntu, Mint & Debian Linux

Installing OpenVAS on Kali in 2020

This article explains how to install OpenVAS on Kali Linux. The difference between this method and others is the switch from “openvas” to “gvm” for naming/marketing. As you might have seen, I’ve written several articles on installing and using OpenVAS on CentOS. Don’t do it. Don’t go through the pain needed to get OpenVAS working stably on CentOS or anything RPM based. Skip it and use Kali Linux. Don’t get me wrong, I prefer CentOS/Fedora/RHEL for everything else, but not OpenVAS. Having just installed Kali Linux, do the following:

apt-get update
apt-get upgrade
apt-get install gvm*

Now run the setup program. Go have a coffee because this takes a long time – even with a good Internet connection:

gvm-setup

Open the firewall allowing remote access to your new OpenVAS installation/server. Obviously this is optional and assumes you’re using your OpenVAS system as a “server” on some remote system as apposed to on your local workstation.

apt-get install ufw
ufw enable
ufw allow 80
ufw allow 9392

Start OpenVAS and access it on the local host “127.0.0.1”:

gvm-start

Start using OpenVAS as you normally would.

13 comments

  1. hello, I followed your instruction and I keep having issues. When I run the gvm-start command, it times out. I run the command gvm-check-setup and it has 1 fix: ERROR: No users found. You need to create at least one user to log in.
    FIX: create a user by running ‘sudo runuser -u _gvm — gvmd –create-user= –password=’
    I ran the fix and when i run the check again, the same error message pops up. When I check the gsad and gvm log files, this is what I see:
    sudo cat /var/log/gvm/gsad.log
    gsad main:MESSAGE:2020-09-27 23h41.38 utc:70302: Starting GSAD version 9.0.1
    gsad main:CRITICAL:2020-09-27 23h41.38 utc:70304: main: Could not write PID file.

    sudo cat /var/log/gvm/gvmd.log
    md main:MESSAGE:2020-09-27 23h18.51 utc:70179: Greenbone Vulnerability Manager version 9.0.1 (DB revision 221)
    md manage: INFO:2020-09-27 23h18.51 utc:70179: Getting users.
    md manage:WARNING:2020-09-27 23h18.51 utc:70179: sql_open: PQconnectStart to ‘gvmd’ failed: could not connect to server: No such file or directory
    Is the server running locally and accepting
    connections on Unix domain socket “/var/run/postgresql/.s.PGSQL.5432”?

    I also get this sometimes when I run gvm-start
    sudo gvm-start
    [-] Something is already using port: 9392/tcp
    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
    gsad 8473 _gvm 5u IPv4 51881 0t0 TCP localhost:9392 (LISTEN)

    UID PID PPID C STIME TTY STAT TIME CMD
    _gvm 8473 1 0 22:37 ? Sl 0:00 /usr/sbin/gsad –listen=127.0.0.1 –port=9392

  2. Hi Darren,

    Interesting about the user not existing. Not sure why it worked for me, unless it didn’t and I fixed it without documenting it. I’d like to think I would remember to do something that significant. 🙁

    Andrew

    1. Same here, also did anyone observe this during install –

      Setting up ospd-openvas (20.8.0-1) …
      ospd-openvas.service is a disabled or a static unit not running, not starting it.
      Setting up python3-gvm (21.1.1-1) …
      Setting up greenbone-security-assistant (20.8.0-1) …
      greenbone-security-assistant.service is a disabled or a static unit not running, not starting it.

      Removed gvm* and did a reinstall due to previous error comment below

      1. Re-installation helped along with changes suggested by Sarath.

        I can create a new user and log in to GVM but cannot via admin credential. Also, admin password change does not allow login.

        Thanks

  3. Step 6: Checking Greenbone Security Assistant (GSA) …
    ERROR: No Greenbone Security Assistant (gsad) found.
    FIX: Please install Greenbone Security Assistant.
    this is the error i am getting all the time i have removed openvas and reinstalled i have even removed the postres database and reinstalled any idea please.

  4. Would appreciate more info on using GVM on a real client server situation. Opening a firewall port is a start, but everything I see depends on gvm-tools using gvm-cli, but not many details.

    This is more about have a “server” that scans the network it’s attached to. Where one of the features is able to run the server remotely, outside on the internet and only install bare minimum on the client.

  5. Worked (almost!) fine on a newly installed Kali Linux System. Thanks!

    Apart from the very important step: Reboot after installing gvm*. Probably works even with opening a new shell (seems to be missing a PATH), but I can’t verify due to the errors (“getcwd() …”) now having gone.

  6. I am getting the gsad error while installing the openvas in my kali linux

    ┌──(root💀kali)-[~]
    └─# gvm-check-setup
    gvm-check-setup 21.4.3
    Test completeness and readiness of GVM-21.4.3
    .
    .
    Step 6: Checking Greenbone Security Assistant (GSA) …
    Oops, secure memory pool already initialized
    OK: Greenbone Security Assistant is present in version 21.4.4.
    Step 7: Checking if GVM services are up and running …
    OK: ospd-openvas service is active.
    OK: gvmd service is active.
    Starting gsad service
    Job for gsad.service failed because a timeout was exceeded.
    See “systemctl status gsad.service” and “journalctl -xe” for details.
    Waiting for gsad service
    ERROR: gsad service did not start.
    ** Please check journalctl -xe and /var/log/gvm/gsad.log**

    ERROR: Your GVM-21.4.3 installation is not yet complete!

    Please follow the instructions marked with FIX above and run this
    script again.

    hope anyone can help me to clear this problem

  7. I am getting this error while installing the openvas in my kali linux

    Job for gsad.service failed because a timeout was exceeded.
    See “systemctl status gsad.service” and “journalctl -xe” for details.
    Waiting for gsad service
    ERROR: gsad service did not start.
    ** Please check journalctl -xe and /var/log/gvm/gsad.log**

    ERROR: Your GVM-21.4.3 installation is not yet complete!

Leave a Reply to Alfred Cancel reply

Your email address will not be published. Required fields are marked *