Can't speak for anyone else, but I've had success by not specifying any rules. Based on the error, my suspicion is more likely a login problem than a rules-based problem. Does it work if you try it with a blank ruleset?
On Tue, Aug 19, 2008 at 9:58 AM, Saulo Medeiros de Araújo <[EMAIL PROTECTED] > wrote: > I've set those rules: > > Enter the rules for this user, and hit ctrl-D once you are done: > (the user can have an empty rules set) > accept client_ip > accept 10.0.0.0/16 > default deny > > But im still getting the error message... > > > > On Tue, Aug 19, 2008 at 10:52 AM, Augusto Ferronato < > [EMAIL PROTECTED]> wrote: > >> you need set the rules >> >> #man openvas-adduser >> >> RULES >> Each user has his own set of rules. Rules are here to restrict >> the rights of the users. For instance, you can add user âjoeâ >> that he can only test the host â192.168.1.1âbobâ >> >> Each rule fits on one line. A user can have an unlimited amount of >> rules (and can even have no rule at all). >> >> The syntax is: >> accept|deny ip/mask >> and >> default accept|deny >> >> Where mask is the CIDR netmask of the rule. >> >> The default statement must be the last rule and defines the policy >> of the user. >> >> The following rule set will allow the user to test 192.168.1.0/24, >> 192.168.3.0/24 and 172.22.0.0/16, but nothing else: >> accept 192.168.1.0/24 >> accept 192.168.3.0/24 >> accept 172.22.0.0/16 >> default deny >> >> The following rule set will allow the user to test whatever he >> wants, except the network 192.168.1.0/24: >> deny 192.168.1.0/24 >> default accept >> >> The keyword client_ip has been defined, and is replaced at run time >> by the IP address of the openvasd user. For instance, if you >> want your users to be able to only be able to scan the system they >> come from, then you want them to have the following ruleset: >> accept client_ip >> default deny >> >> Best Regards, >> >> On Tue, Aug 19, 2008 at 10:44 AM, Saulo Medeiros de Araújo < >> [EMAIL PROTECTED]> wrote: >> >>> Im having a problem to access the openvas-client with the users created >>> with openvas-adduser. >>> * >>> oink:~# openvas-adduser >>> Using /var/tmp as a temporary file holder. >>> >>> Add a new openvasd user >>> --------------------------------- >>> >>> >>> Login : teste3 >>> Authentication (pass/cert) [pass] : >>> Login password : >>> Login password (again) : >>> >>> User rules >>> --------------- >>> openvasd has a rules system which allows you to restrict the hosts that >>> teste3 has the right to test. >>> For instance, you may want him to be able to scan his own host only. >>> >>> Please see the openvas-adduser(8) man page for the rules syntax. >>> >>> Enter the rules for this user, and hit ctrl-D once you are done: >>> (the user can have an empty rules set) >>> default accept >>> >>> >>> Login : teste3 >>> Password : *********** >>> >>> Rules : >>> default accept >>> >>> >>> Is that ok? (y/n) [y] y >>> user added.* >>> >>> In the openvas-client i got this error message when i use the user >>> teste3: >>> >>> *Error: Login failed* >>> >>> Any help?? >>> >>> _______________________________________________ >>> Openvas-discuss mailing list >>> [email protected] >>> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >>> >>> >> >> >> -- >> ------------------------------ >> "Segurança da Informação se faz com tecnologia, processos e pessoas, e a >> formação destas exige mais que uma seqüência de treinamentos. Porque você >> treina macacos. Pessoas,você educa." >> >> FreeBSD: The Freedom to Perform! >> http://www.spreadbsd.org/aff/40/1 >> > > > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > >
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
