I got the same error message with a blank ruleset. I agree with you. I think this issue is not a rules problem.
Anyway, im still looking for a solution. On Tue, Aug 19, 2008 at 11:05 AM, Patrick Hornung <[EMAIL PROTECTED]>wrote: > Can't speak for anyone else, but I've had success by not specifying any > rules. Based on the error, my suspicion is more likely a login problem than > a rules-based problem. Does it work if you try it with a blank ruleset? > > > On Tue, Aug 19, 2008 at 9:58 AM, Saulo Medeiros de Araújo < > [EMAIL PROTECTED]> wrote: > >> I've set those rules: >> >> Enter the rules for this user, and hit ctrl-D once you are done: >> (the user can have an empty rules set) >> accept client_ip >> accept 10.0.0.0/16 >> default deny >> >> But im still getting the error message... >> >> >> >> On Tue, Aug 19, 2008 at 10:52 AM, Augusto Ferronato < >> [EMAIL PROTECTED]> wrote: >> >>> you need set the rules >>> >>> #man openvas-adduser >>> >>> RULES >>> Each user has his own set of rules. Rules are here to restrict >>> the rights of the users. For instance, you can add user âjoeâ >>> that he can only test the host â192.168.1.1âbobâ >>> >>> Each rule fits on one line. A user can have an unlimited amount of >>> rules (and can even have no rule at all). >>> >>> The syntax is: >>> accept|deny ip/mask >>> and >>> default accept|deny >>> >>> Where mask is the CIDR netmask of the rule. >>> >>> The default statement must be the last rule and defines the policy >>> of the user. >>> >>> The following rule set will allow the user to test 192.168.1.0/24, >>> 192.168.3.0/24 and 172.22.0.0/16, but nothing else: >>> accept 192.168.1.0/24 >>> accept 192.168.3.0/24 >>> accept 172.22.0.0/16 >>> default deny >>> >>> The following rule set will allow the user to test whatever he >>> wants, except the network 192.168.1.0/24: >>> deny 192.168.1.0/24 >>> default accept >>> >>> The keyword client_ip has been defined, and is replaced at run >>> time by the IP address of the openvasd user. For instance, if you >>> want your users to be able to only be able to scan the system they >>> come from, then you want them to have the following ruleset: >>> accept client_ip >>> default deny >>> >>> Best Regards, >>> >>> On Tue, Aug 19, 2008 at 10:44 AM, Saulo Medeiros de Araújo < >>> [EMAIL PROTECTED]> wrote: >>> >>>> Im having a problem to access the openvas-client with the users created >>>> with openvas-adduser. >>>> * >>>> oink:~# openvas-adduser >>>> Using /var/tmp as a temporary file holder. >>>> >>>> Add a new openvasd user >>>> --------------------------------- >>>> >>>> >>>> Login : teste3 >>>> Authentication (pass/cert) [pass] : >>>> Login password : >>>> Login password (again) : >>>> >>>> User rules >>>> --------------- >>>> openvasd has a rules system which allows you to restrict the hosts that >>>> teste3 has the right to test. >>>> For instance, you may want him to be able to scan his own host only. >>>> >>>> Please see the openvas-adduser(8) man page for the rules syntax. >>>> >>>> Enter the rules for this user, and hit ctrl-D once you are done: >>>> (the user can have an empty rules set) >>>> default accept >>>> >>>> >>>> Login : teste3 >>>> Password : *********** >>>> >>>> Rules : >>>> default accept >>>> >>>> >>>> Is that ok? (y/n) [y] y >>>> user added.* >>>> >>>> In the openvas-client i got this error message when i use the user >>>> teste3: >>>> >>>> *Error: Login failed* >>>> >>>> Any help?? >>>> >>>> _______________________________________________ >>>> Openvas-discuss mailing list >>>> [email protected] >>>> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >>>> >>>> >>> >>> >>> -- >>> ------------------------------ >>> "Segurança da Informação se faz com tecnologia, processos e pessoas, e a >>> formação destas exige mais que uma seqüência de treinamentos. Porque você >>> treina macacos. Pessoas,você educa." >>> >>> FreeBSD: The Freedom to Perform! >>> http://www.spreadbsd.org/aff/40/1 >>> >> >> >> >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >> >> > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > >
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
