Steps to use GVM-CL to return reports


#1

I cannot run gvm-cli from the command line without receiving lots of traceback errors.

gvm-cli ssh --hostname 192.168.1.229 --port 4000 --gmp-username admin --gmp-password admin --xml “<create_target>Suspect Host 192.168.1.229</create_target>”
Exception: Error reading SSH protocol banner
Traceback (most recent call last):
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/transport.py”, line 2138, in _check_banner
buf = self.packetizer.readline(timeout)
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/packet.py”, line 367, in readline
buf += self._read_timeout(timeout)
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/packet.py”, line 563, in _read_timeout
raise EOFError()
EOFError

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/transport.py”, line 1966, in run
self._check_banner()
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/transport.py”, line 2143, in _check_banner
“Error reading SSH protocol banner” + str(e)
paramiko.ssh_exception.SSHException: Error reading SSH protocol banner

Traceback (most recent call last):
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/transport.py”, line 2138, in _check_banner
buf = self.packetizer.readline(timeout)
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/packet.py”, line 367, in readline
buf += self._read_timeout(timeout)
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/packet.py”, line 563, in _read_timeout
raise EOFError()
EOFError

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/connections.py”, line 206, in connect
look_for_keys=False)
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/client.py”, line 397, in connect
t.start_client(timeout=timeout)
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/transport.py”, line 587, in start_client
raise e
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/transport.py”, line 1966, in run
self._check_banner()
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/paramiko/transport.py”, line 2143, in _check_banner
“Error reading SSH protocol banner” + str(e)
paramiko.ssh_exception.SSHException: Error reading SSH protocol banner

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/bin/gvm-cli”, line 10, in
sys.exit(main())
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvmtools/cli.py”, line 251, in main
gvm.authenticate(args.gmp_username, args.gmp_password)
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/protocols/gmpv7.py”, line 210, in authenticate
self._send(cmd.to_string())
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/protocols/base.py”, line 62, in _send
self.connect()
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/protocols/base.py”, line 98, in connect
self._connection.connect()
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/connections.py”, line 214, in connect
raise GvmError(‘SSH Connection failed’, e)
gvm.errors.GvmError: (‘SSH Connection failed’, SSHException(‘Error reading SSH protocol banner’))

NEITHER CAN I RUN PYSHELL

gmp.create_host()
Traceback (most recent call last):
File “”, line 1, in
AttributeError: ‘Gmp’ object has no attribute ‘create_host’

gmp.authenticate(admin,admin)
Traceback (most recent call last):
File “”, line 1, in
NameError: name ‘admin’ is not defined

gmp.authenticate(“admin”,“admin”)
Traceback (most recent call last):
File “”, line 1, in
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/protocols/gmpv7.py”, line 210, in authenticate
self._send(cmd.to_string())
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/protocols/base.py”, line 62, in _send
self.connect()
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/protocols/base.py”, line 98, in connect
self._connection.connect()
File “/home/subhojoy/.local/share/virtualenvs/subhojoy-maUCqr1E-H4iRrPYg/lib/python3.7/site-packages/gvm/connections.py”, line 310, in connect
self._socket.connect(self.path)
PermissionError: [Errno 13] Permission denied


#2

Hi,

you can’t connect to gvmd/openvasmd via SSH out of the box. You either need to buy a Greenbone appliance where this setup is supported or you need to setup the SSH connection by yourself.


Passing arguments to gvm-tools
#3

Alternatively you can also use the unix socket connection (easiest solution but you need to be on the same machine) or the tls connection (needs some tls cert setup and adjustments to the gvmd/openvasmd parameters).


#4

Could elaborate with a command to use?


#5

I am sorry ssh/tls setup is completely out of my scope.


#6

How would I take out the vulnerability reports from the server at the command line?


#7

gvm-cli is not available to me for ubuntu untill I buy the software?


#8

No. I didn’t write that.

For remote access via gvm-tools you need to setup either TLS or SSH by yourself. Using unix domain sockets is the default and doesn’t need a setup but the unix domain socket connection type can only be used on the same machine and not remote. If you buy a Greenbone appliance you will get the SSH access out of the box because this is what we provide for remote access.


#9

Oh! So I have to setup a local socket connection to access greenbone server right?

  1. Does the server provide SSH permission?
  2. After UNIUXSOCKET is setup can I use the tools to get the reports from command line?

#10

What do you mean by greenbone server? There is no greenbone server. See the architecture fore details

If you mean gvmd/openvasmd by greenbone server, the daemon is already running by default with a local unix socket connection because gsad uses this connection type.

Maybe you should read the section about the connection type in the gvm-tools docs first

https://gvm-tools.readthedocs.io/en/latest/connectiontypes.html