Greenbone Security Assistant 20.08.1 Admin password reset

GVM versions

gsad: (‘gsad --version’) 20.08.1
gvmd: (‘gvmd --version’) 20.08.1

Environment

Operating system: Ubuntu 20.04 LTS
Kernel: (‘uname -a’) 5.4.0-66-generic
Installation method / source: Thirdparty package

I am unable to change the default “admin” password which is currently admin. I tried the following commands but nothing worked:

sudo runuser -u gvm – gvmd --create-user=admin --new-password=“newpasswordhere”

sudo gvmd --user=admin --new-password=“newpasswordhere”

gvmd --user=admin --new-password=“newpasswordhere”

what am I missing? How can I change the default admin user password?

Thank you for your help

Hi @mstjohn,
I have just checked with
gvmd --user=admin --new-password=newpassword

in the gvmd log file I can see
md manage: INFO:2021-03-04 10h59.05 utc:29623: Modifying user password.

Are you using quotations to set the password? Maybe some char not allowed?

2 Likes

I entered the following command as root:

gvmd --user=admin --new-password=MyNewPassword2021

and I see this in the log:

md main:MESSAGE:2021-03-04 18h27.09 utc:52551: Greenbone Vulnerability Manager version 20.08.1 (DB revision 233)
md manage: INFO:2021-03-04 18h27.09 utc:52551: Modifying user password.
md manage:WARNING:2021-03-04 18h27.09 utc:52551: sql_open: PQconnectPoll failed
md manage:WARNING:2021-03-04 18h27.09 utc:52551: sql_open: PQerrorMessage (conn): FATAL: role “root” does not exist
md manage:WARNING:2021-03-04 18h27.09 utc:52551: init_manage_process: sql_open failed

You need to run the command as the user which has been used / configured for the database connection of the gvmd daemon. The user depends on your environment / installation guide you have followed, please have a look at the thirdparty package manual for possible more information on the user.

2 Likes

Maybe you want to take a look at the DB section in the install file if you still didn’t solve the issue.

2 Likes

The linked manual didn’t really help me and I’ll explain why and describe how I successfully changed the admin user password:

$ gvm-cli socket --xml "<get_version/>"
<get_version_response status="200" status_text="OK"><version>21.4</version></get_version_response>

I found the gvm username on Kali Linux for my install by checking the ownership of the files:

$ ls -lah /var/lib/openvas
total 228K\
drwxr-xr-x  6 _gvm _gvm 4.0K Dec  4 19:22 .
drwxr-xr-x 85 root root 4.0K Nov 17 15:46 ..
drwx------  2 _gvm _gvm 4.0K Apr 21  2021 .cache
...

But you probably cannot su into _gvm user because the user has been set without a shell profile:

$ sudo su _gvm
This account is currently not available.
$ sudo useradd _gvm
useradd: user '_gvm' already exists

I change the bash profile for the user _gvm:

$ sudo nano /etc/passwd

Change line:
_gvm:x:138:149::/var/lib/openvas:/usr/sbin/nologin
To:
_gvm:x:138:149::/var/lib/openvas:/bin/bash

Now can su to that _gvm user:

$ sudo su _gvm
gvm@kali:~$
gvmd --user=admin --new-password=NewPassword123

No output message from terminal and the new password don’t work so I check the log file:

$ tail /var/log/gvm/gvmd.log
md   main:MESSAGE:2021-12-10 20h59.46 utc:8429:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)
md manage:   INFO:2021-12-10 20h59.46 utc:8429:    Modifying user password.
md manage:WARNING:2021-12-10 20h59.47 utc:8429: sql_exec_internal: PQexec failed: ERROR:  must be owner of aggregate group_concat
 (7)
md manage:WARNING:2021-12-10 20h59.47 utc:8429: sql_exec_internal: SQL: DROP AGGREGATE IF EXISTS group_concat (text, text);
md manage:WARNING:2021-12-10 20h59.47 utc:8429: sqlv: sql_exec_internal failed

So, I tried another method all together: use the user postgres:

$ sudo su postgres
$ postgres@kali:/home/kali/Software/gvm-tools$ gvmd --user=admin --new-password=NewPassword123 
md   main-Message: 20:33:37.883:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)
(gvmd:6630): md manage-WARNING **: 20:33:37.883: Failed to open lock file '/var/lib/openvas/gvm-checking': Permission denied
(gvmd:6630): md   main-CRITICAL **: 20:33:37.883: gvmd: Error trying to get checking lock

But a permission error stopped it so, have to change the permissions of all the files in /var/lib/openvas directory:

$ sudo chmod 777 /var/lib/openvas/*

This is clearly not good but it works and you can change the file permission back afterwards:

$ postgres@kali:/home/kali/Software/gvm-tools$ gvmd --user=admin --new-password=NewPassword123 
md   main-Message: 20:35:45.858:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)

$ sudo chmod 664 /var/lib/openvas/*

The terminal output message and now the new password is worked.

3 Likes

I was able to change it simply using gvmd --user=‘user’ --new-password=‘password’

This issue for me was using double quotes or no quotes at all. Had to use single quotes around the user and password

1 Like

Thanks for this, you saved me a lot of time. It works with GVM 21.4

sudo -u _gvm gvmd --user=‘user’ --new-password=‘newpassword’

2 Likes

@rippledj

you can use command without modifying pw file

su - _gvm -s /bin/bash

Eero

@redray chmod 777 is very bad advise :see_no_evil::woman_facepalming:t2:

Eero

3 Likes

Just some background info on the previous posting:

Setting a folder to 777 (meaning world-writable for all users/services of the system) is usually a bad idea from security perspective. Please use a correct owner (e.g. on systems there is a gvm user) instead.

1 Like

@cfi Giving 777 to /var/lib is insane. That bad post should be deleted.

:smiling_face_with_tear:

Eero

1 Like

You can use the “flag” function of the forums to flag that post for deletion by the moderation team.

@rippledj this post is totally wrong and contais even dangerous commands to system security. please delete it :face_holding_back_tears:

Eero

1 Like