How does GVM store authenticated scan credentials?

victor.sanchez · July 31, 2019, 2:02pm

Dear all,

Just a quick question.

How does GVM store authenticated scan credentials in order to retrieve them for later scans?

I cannot find it in the docs.

Thank you for your answer.

Lukas · July 31, 2019, 6:47pm

GPG Encrypted in the Database, every GSM does have a private key for that, and this is used to encrypt them into the database. If you build without GPG Support i suppose in cleartext

bricks · August 1, 2019, 7:12am

> psql gvmd


gvmd=> \d credentials_data
                              Table "public.credentials_data"
   Column   |  Type   | Collation | Nullable |                   Default                    
------------+---------+-----------+----------+----------------------------------------------
 id         | integer |           | not null | nextval('credentials_data_id_seq'::regclass)
 credential | integer |           |          | 
 type       | text    |           |          | 
 value      | text    |           |          | 
Indexes:
    "credentials_data_pkey" PRIMARY KEY, btree (id)
Foreign-key constraints:
    "credentials_data_credential_fkey" FOREIGN KEY (credential) REFERENCES credentials(id) ON DELETE RESTRICT

victor.sanchez · August 1, 2019, 7:19am

One more question:

Assuming that the column type stores values like up, usk, smime, etc. What values does the credential column store?

Thank you for your quick answers.

bricks · August 1, 2019, 7:26am

The reference to the credential id in the credentials table as shown here:

FOREIGN KEY (credential) REFERENCES credentials(id) ON DELETE RESTRICT