I’m trying to make Greenbone listen on port 9390 on a VM but it simply refuses to do so.
The command i use is:
sudo gvmd -a 127.0.0.1 -p 9000
There is no error message or anything, that could indicate that the command didn’t work.
When checking netstat -tupl there is nothing listening on port 9390 though.
Is there anything I’m missing here?
Little correction first, I was trying to run: gvmd -a 127.0.0.1 -p 9390
The gvmd.log has following entry for the command:
main:MESSAGE:2019-07-08 08h33.40 utc:6164: Greenbone Vulnerability Manager version 8.0.0 (DB revision 205)
md main:WARNING:2019-07-08 08h33.40 utc:6164: main: Main process is already running
What I’m trying to do is establish a tls communication from a GMP Client to the gvmd. I’m using a VM for this, which has everything running on localhost. So far the only way to accomplish this is this for me:
gvm-cli socket --sockpath /var/run/gvmd.sock --gmp-username=admin --gmp-password=admin -X “<get_version/>”
Running the same command with tls I get following Error:
gvm-cli tls --hostname 127.0.0.1 --port 9390 --gmp-username=admin -X “<get_version/>”
Enter password for admin:
[Errno 111] Connection refused
In the older openvasmd Version, I could fulfill the get version request without providing a socket or anything: omp --username admin --xml="<get_version/>"
Having to provide a path to the socket is not desired, since I’m using a 3rd party program that is trying to connect to the gvmd (the code is tailored for the older openvasmd Version, but according to the docs it should still be compatible). The 3rd party program was able to connect to the openvasmd in the past, but since the rebrand to greenbone, it is unable to establish a connection.
Okay, thanks. I’ll look into it. Do you by any chance know why it keeps saying “Main process is already running” when i try to make it listen on port 9390?
So I tried using the config file, but there seems to be something off. I cannot provide the gvm-cli with the --config argument.
gvm-cli --config ~/.config/gvm-tools.conf
No section: ‘Auth’
usage: gvm-cli [-h] [-V] [connection_type] …
gvm-cli: error: the following arguments are required: [connection_type]
Thanks, will check it out. I’ve installed openvas/greenbone with the yum packet manager, which needs to be run as root. I suppose it gave all the rights to the root user because of it. I’ll change it ASAP
So I have uninstalled gvm-tools (had Version 1.4.x) and reinstalled it using pip install --user gvm-tools.
Now I have following Version of gvm-tools: gvm-cli 2.0.0.beta1. API version 1.0.0.beta2
The problem sadly still persists: gvm-cli usage: gvm-cli [-h] [-V] [connection_type] … gvm-cli: error: the following arguments are required: [connection_type]
[connection_type]
ssh Use SSH connection for gmp service.
tls Use TLS secured connection for gmp service.
socket Use UNIX-Socket connection for gmp service.
Okay, I killed the process and gvmd is now running on the “vagrant” user.
I changed all permissions under /var/log/gvm/ and /var/run/gvm to the user “vagrant”. After that I ran following command to change the owner of the socket. # gvmd --listen-owner=vagrant --listen-group=vagrant
I uninstalled gvm-tools and installed it for the vagrant user with: # pip install --user gvm-tools
# gvm-cli -V
gvm-cli 2.0.0.beta1. API version 1.0.0.beta2
This error means the unix socket couldn’t be found. I’ve already improved the error message in the master branch. Please check if /var/run/gvmd.sock is available and accessible.
I can run gvm-cli socket --sockpath /var/run/gvmd.sock --gmp-username=admin --gmp-password=admin -X “<get_version/>” without any issues.
It returns: <get_version_response status=“200” status_text=“OK”>8.0</get_version_response>
Is that enough to verify it?
Okay. So after digging more I now know that essentially I need to get TLS working cause that was the default connection type for the older protocol. For the gvm-tools.conf it says I need to provide the path to the tls.cert, tls.key and tls.ca. Where are they typically stored?