19.05.2014----17:13:18"Openvas-discuss" <[email protected]> wrote on 19.05.2014 17:13:18:
> From: Michael Meyer <micha [email protected]>> To: [email protected], Openvas-discuss <openvas- > discuss-bounces @wald.intevation.org>, > Date: 19.05.2014 17:13> Subject: Re: [Openvas-discuss] OpenVAS-7 DEMO Virtua l Appliance Version 1.0> Sent by: "Openvas-discuss" <openvas-discuss-bounc [email protected]>> > *** Helmut Koers wrote: > > > Has anyone tried to exchange the key for password encryption? I was trying > > to, but was not able to. Deletion of the existing one did work without any > > issues, but creating the new one did not work at all. The keys that have > > been delivered with the VM have disappeared after the mentioned commands > > to delete them, but no new keys appeared after issuing the command > > "openvasmd --create-credentials-encryption-key". Don't I need to re-create > > a key using "gpg? > > works for me. I've installed haveged to speed up the generation of the > key. > > root@openvas:~# apt-get install haveged > root@openvas:~# rm -rf /usr/local/var/lib/openvas/gnupg/ > root@openvas:~# mkdir /usr/local/var/lib/openvas/gnupg/ > root@openvas:~# chmod 600 /usr/local/var/lib/openvas/gnupg/ > root@openvas:~# openvasmd --create-credentials-encryption-key > root@openvas:~# ls -l /usr/local/var/lib/openvas/gnupg/ > total 16 > -rw------- 1 root staff 622 May 19 11:09 pubring.gpg > -rw------- 1 root staff 0 May 19 11:09 pubring.gpg~ > -rw------- 1 root staff 600 May 19 11:09 random_seed > -rw------- 1 root staff 1273 May 19 11:09 secring.gpg > -rw------- 1 root staff 1240 May 19 11:09 trustdb.gpg > > Micha > > -- > Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6 > http://www.greenbone.net/ > Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG > Osnabrück, HR B 202460 > Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss This is getting confusing now. The notes on the OpenVAS web page regarding OpenVAS 7 Virtual Appliance do mention the directory "/usr/local/etc/openvas/gnupg" which contains the keyring files and the "OpenVAS Credential Encryption" and "OpenVAS Transfer Integrity" key already. You are mentioning the directory "usr/local/var/lib/openvas/gnupg/" which is existing already but is empty. Applying the "openvasmd --create-credentials-encryption-key" command creates the keyring files and adds the "OpenVAS Credential Encryption" key in that directory, which I did not realize before. I haven't tried yet, but guess it should not be a problem to import the "OpenVAS Transfer Integrity" into that keyring as well. Question now is which is the directory being used and do I need and can I remove the other one without any upcoming issues? Thank you, Helmut _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
