Hi all, I tried to install OpenVAS 8 from source on a Debian 7 system according to the instructions on the web sites <http://www.openvas.org/install-source.html> and <http://www.openvas.org/setup-and-start.html>, but unfortunately got stuck. I suspect that a communication issue between the Scanner and Manager occurs, as the log file of the latter states after running 'openvasmd --rebuild'
<snip>
md main:MESSAGE:2016-01-28 11h32.20 utc:30099: No SCAP database found
md main:MESSAGE:2016-01-28 11h32.20 utc:30099: No CERT database found
lib serv:WARNING:2016-01-28 11h32.20 utc:30099: Failed to shake hands with
peer: The signature algorithm is not supported.
</snip>
The scanner log file is (apart from the start message) empty.
According to the output of openssl, the certificates generated during the setup
process have
<snip>
Signature Algorithm: sha256WithRSAEncryption
</snip>
Might this be the cause of the error?
I attach the log of running openvas-check-setup to this message.
Any insight for a fix would be highly appreciated!
Thanks in advance
Albrecht.openvas-check-setup 2.3.3 Mode: desktop Date: Thu, 28 Jan 2016 12:30:16 +0100 Checking for old OpenVAS Scanner <= 2.0 ... ./openvas-check-setup: 163: ./openvas-check-setup: openvasd: not found Checking presence of OpenVAS Scanner ... OpenVAS Scanner 5.0.5 Most new code since 2005: (C) 2015 Greenbone Networks GmbH Nessus origin: (C) 2004 Renaud Deraison <[email protected]> License GPLv2: GNU GPL version 2 This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Checking OpenVAS Scanner version ... OK: OpenVAS Scanner is present in version 5.0.5. plugins_folder = /opt/openvas/var/lib/openvas/plugins cache_folder = /opt/openvas/var/cache/openvas include_folders = /opt/openvas/var/lib/openvas/plugins max_hosts = 30 max_checks = 10 be_nice = no logfile = /opt/openvas/var/log/openvas/openvassd.messages log_whole_attack = no log_plugins_name_at_load = no dumpfile = /opt/openvas/var/log/openvas/openvassd.dump cgi_path = /cgi-bin:/scripts optimize_test = yes checks_read_timeout = 5 network_scan = no non_simult_ports = 139, 445 plugins_timeout = 320 safe_checks = yes auto_enable_dependencies = yes use_mac_addr = no nasl_no_signature_check = yes drop_privileges = no unscanned_closed = yes unscanned_closed_udp = yes vhosts = vhosts_ip = report_host_details = yes cert_file = /opt/openvas/var/lib/openvas/CA/servercert.pem key_file = /opt/openvas/var/lib/openvas/private/CA/serverkey.pem ca_file = /opt/openvas/var/lib/openvas/CA/cacert.pem kb_location = /tmp/redis.sock config_file = /opt/openvas/etc/openvas/openvassd.conf Checking OpenVAS Scanner CA cert ... OK: OpenVAS Scanner CA Certificate is present as /opt/openvas/var/lib/openvas/CA/cacert.pem. Checking presence of redis ... OK: redis-server is present in version 2.4.14. Checking if redis-server is configured properly to run with openVAS ... OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock Checking if redis-server is running ... OK: redis-server is running and listening on socket: /tmp/redis.sock. OK: redis-server configuration is OK and redis-server is running. Checking NVT collection ... OK: NVT collection in /opt/openvas/var/lib/openvas/plugins contains 45395 NVTs. Checking status of signature checking in OpenVAS Scanner ... WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /opt/openvas/var/cache/openvas contains 45395 files for 45395 NVTs. Checking presence of OpenVAS Manager ... OpenVAS Manager 6.0.7 Manager DB revision 146 Copyright (C) 2010-2015 Greenbone Networks GmbH License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. OK: OpenVAS Manager is present in version 6.0.7. Checking OpenVAS Manager client certificate ... OK: OpenVAS Manager client certificate is present as /opt/openvas/var/lib/openvas/CA/clientcert.pem. Checking OpenVAS Manager database ... OK: OpenVAS Manager database found in /opt/openvas/var/lib/openvas/mgr/tasks.db. Checking access rights of OpenVAS Manager database ... OK: Access rights for the OpenVAS Manager database are correct. Checking sqlite3 presence ... OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. Checking OpenVAS Manager database revision ... OK: OpenVAS Manager database is at revision 146. Checking database revision expected by OpenVAS Manager ... OK: OpenVAS Manager expects database at revision 146. OK: Database schema is up to date. Checking OpenVAS Manager database (NVT data) ... ERROR: The number of NVTs in the OpenVAS Manager database is too low. FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'.
pgpaEG3S9hUdn.pgp
Description: PGP signature
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
