I have attempted to deploy a distributed setup, where the OpenVAS manager is creating requests to remote OpenVAS scanners to scan.
Right now, my topology is simple (internal network in Vbox) = Master (10.0.2.8) is directly connected to Slave (10.0.2.9) . They are pingable to one another.
What I have done is: Slave
nano /etc/init.d/openvas-manager > change the manager IP to 10.0.2.8, manager port to 9390
Create new user > openvasmd --create-user=scanner --role=Admin
openvas-manage-certs > obtain the cacert.pem file for Manager
Master
Create credentials > User + Password
Create scanner > Host > 10.0.2.9, OMP Slave, use cacert.pem, use above credentials
Create Target
Create Task
From the:
tail /var/log/openvas/openvasmd.logs
I can see that connections are being tried but failing to reach the slave. From the GSA GUI, the task is stuck on “Requested”
Hence, can someone help with identifying: What and How to check in the case of non-connectivity between Master and Slave (eg, are they reachable, are they listening on the port, to actual configuration of OpenVAS)
Hi, I don’t have problems to reach the slave, but i have problems with certificates, can you please describe more detailed how do you export/import it? Regardss
If you are talking about the certs so that master and slaves can communicate, all you have to do is to find something called the servercert.pem.
Try to do this on the slaves:
find / -name servercert.pem
See where it is located, and when you find it, transfer it to the master, anywhere you want. When you create a slave scanner on the master, there will be a need to upload a cert. This is where you select the certs.