Hi,
I'm struggling to get omp credentials work on openvas8 / debian 8 Jessie
(actually raspbian).
I'd like to automate the scans and would lik to avoid leaving the user/pw
in the scripts. And the web interface is not an option.
So what I've tried and found so far:
ran the command described in references:
omp -u <admin user> -w <pass> --xml='<create_lsc_credential>
<name>Admin on pi</name>
<login>admin</login>
<password>admin</password>
<comment>Credentials with pw</comment>
</create_lsc_credential>'
this gives back:
<create_lsc_credential_response id=<cred.id> status_text="OK, resource
created" status="201"></create_lsc_credential_response>
but it does ask for a password on each omp command on admin password:
$ omp --xml="<get_lsc_credentials/>"
Enter password:
Failed to authenticate.
empty pw:
$ omp --xml="<get_lsc_credentials/>"
Enter password:
Password must be set.
on some sites people advise to use this form of the command:
omp --xml='
<create_lsc_credential>
<name>Admin on raspGerry</name>
<login>admin</login>
<key>
<private>-----BEGIN RSA PRIVATE KEY----- ... -----END RSA
PRIVATE KEY-----</private>
<public>..</public>
</key>
</create_lsc_credential>'
this complained on the bogus <public> tag, removing that it returned an OK,
but again asked for password no matter what, and didn't recognise any of
the actual passwords I use on this system.
I can get the credentials back from openvas with:
$ omp -u <admin user> -w <password> -i --xml="<get_lsc_credentials/>"
(in which there's a tag: <in_use>0</in_use> that suspicious)
or I can delete the credentials with:
omp omp -u <admin user> -w <password> --xml='<delete_lsc_credential
lsc_credential_id=<credentials id> />'
I'm not sure why it doesn't work. Could anyone point me to the right
direction, please.
Note: I didn't restart any of the services between creating and testing the
credentials.
Regards,
Gary
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
