Early in the year a leader in the DevOps team at my job asked me if I wouldn’t mind taking on a project in my free time. The project was to install GVM (formerly known as OpenVAS) on a VM, which would target key systems for security audits. Our goal was also to set up an SSH key to scan libraries on a target machine, showing required security updates.
To my surprise, installing GVM was no simple task. After a few days I got it installed through the official Docker container. It’s much easier than the non-Docker approach, but I found an even easier method.
This method seems to work via Kali Linux only, so I’m positing that Kali Linux has some underlying configurations that allow the smooth install of GVM.
Steps to Install GVM on Kali Linux
I tried this simplistic approach on Debian, without success. However, on Kali Linux it worked perfectly for me:
sudo apt update
sudo apt upgrade -y
sudo apt dist-upgrade -y
sudo apt install openvas
sudo gvm-setup
sudo gvm-check-setup
Pay attention to the output, as it will create an Admin user with an auto-generated password.
If you need to set up a new user, it can be done like so (the spacing below is exactly as intended: the -- surrounded by spaces looks odd, but it marks the end of runuser's own options, so everything after it is passed to gvmd):
sudo runuser -u _gvm -- gvmd --create-user=<user> --new-password=<pass>
Once GVM setup is complete, the web interface should load at https://localhost:9392
Downloading the Feeds
While you can log in, you likely will not be able to set up new scans yet. The feeds need to be downloaded first. If all went well in gvm-setup and gvm-check-setup, the feeds will start downloading. This can take HOURS. The Docker container had feed logs that could be tailed. GVM logs here are in /var/log/gvm.
You can also check the feed status by logging into the GVM web app and then going to:
Administration > Feed Status
This will show what is being downloaded. This can take several hours. Until that is done, you cannot run scans. Just be patient. If it shows failures, you can attempt to run these feed updates manually with commands like:
sudo greenbone-feed-sync --type nvt
sudo greenbone-feed-sync --type scap
sudo greenbone-feed-sync --type cert
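
One way to script the manual re-sync above, as an added example that is not from the original post or the GVM project: it retries each feed type and prints the ones that still fail. It assumes greenbone-feed-sync exits non-zero on failure; the variables FEED_SYNC_CMD, FEED_RETRIES and FEED_RETRY_DELAY and both function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post or the GVM project).
# Assumptions: greenbone-feed-sync exits non-zero when a sync fails; the three
# variables and both function names below are made up for this example.
FEED_SYNC_CMD="${FEED_SYNC_CMD:-sudo greenbone-feed-sync}"
FEED_RETRIES="${FEED_RETRIES:-3}"          # attempts per feed type
FEED_RETRY_DELAY="${FEED_RETRY_DELAY:-60}" # seconds between attempts

# sync_one TYPE: run one feed sync, retrying while it exits non-zero.
sync_one() {
    attempt=1
    while [ "$attempt" -le "$FEED_RETRIES" ]; do
        echo "syncing $1 (attempt $attempt of $FEED_RETRIES)" >&2
        # Unquoted on purpose so "sudo greenbone-feed-sync" splits into words.
        # Sync output goes to stderr so stdout carries only the final summary.
        if $FEED_SYNC_CMD --type "$1" >&2; then
            return 0
        fi
        attempt=$((attempt + 1))
        if [ "$attempt" -le "$FEED_RETRIES" ]; then
            sleep "$FEED_RETRY_DELAY"
        fi
    done
    return 1
}

# sync_feeds [TYPE...]: sync each type in turn (default: nvt scap cert).
# Prints the types that never succeeded; exit status is how many failed.
sync_feeds() {
    if [ "$#" -eq 0 ]; then
        set -- nvt scap cert
    fi
    failed=""
    count=0
    for feed in "$@"; do
        if ! sync_one "$feed"; then
            failed="${failed:+$failed }$feed"
            count=$((count + 1))
        fi
    done
    echo "$failed"
    return "$count"
}
```

Source the file and run sync_feeds, or sync_feeds nvt to retry a single feed; an empty line of output means every sync succeeded.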