you need set the rules
#man openvas-adduser
RULES
Each user has his own set of rules. Rules are here to restrict
the rights of the users. For instance, you can add user âjoeâ
that he can only test the host â192.168.1.1âbobâ
Each rule fits on one line. A user can have an unlimited amount of
rules (and can even have no rule at all).
The syntax is:
accept|deny ip/mask
and
default accept|deny
Where mask is the CIDR netmask of the rule.
The default statement must be the last rule and defines the policy of
the user.
The following rule set will allow the user to test 192.168.1.0/24,
192.168.3.0/24 and 172.22.0.0/16, but nothing else:
accept 192.168.1.0/24
accept 192.168.3.0/24
accept 172.22.0.0/16
default deny
The following rule set will allow the user to test whatever he wants,
except the network 192.168.1.0/24:
deny 192.168.1.0/24
default accept
The keyword client_ip has been defined, and is replaced at run time
by the IP address of the openvasd user. For instance, if you
want your users to be able to only be able to scan the system they
come from, then you want them to have the following ruleset:
accept client_ip
default deny
Best Regards,
On Tue, Aug 19, 2008 at 10:44 AM, Saulo Medeiros de Araújo <
[EMAIL PROTECTED]> wrote:
> Im having a problem to access the openvas-client with the users created
> with openvas-adduser.
> *
> oink:~# openvas-adduser
> Using /var/tmp as a temporary file holder.
>
> Add a new openvasd user
> ---------------------------------
>
>
> Login : teste3
> Authentication (pass/cert) [pass] :
> Login password :
> Login password (again) :
>
> User rules
> ---------------
> openvasd has a rules system which allows you to restrict the hosts that
> teste3 has the right to test.
> For instance, you may want him to be able to scan his own host only.
>
> Please see the openvas-adduser(8) man page for the rules syntax.
>
> Enter the rules for this user, and hit ctrl-D once you are done:
> (the user can have an empty rules set)
> default accept
>
>
> Login : teste3
> Password : ***********
>
> Rules :
> default accept
>
>
> Is that ok? (y/n) [y] y
> user added.*
>
> In the openvas-client i got this error message when i use the user teste3:
>
> *Error: Login failed*
>
> Any help??
>
> _______________________________________________
> Openvas-discuss mailing list
> [email protected]
> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
>
>
--
------------------------------
"Segurança da Informação se faz com tecnologia, processos e pessoas, e a
formação destas exige mais que uma seqüência de treinamentos. Porque você
treina macacos. Pessoas,você educa."
FreeBSD: The Freedom to Perform!
http://www.spreadbsd.org/aff/40/1
_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
