That yelled me this on the client but still the scan has not progressed from
Requested.
Client:
lib serv: DEBUG:2018-02-23 14h37.52 utc:25578: Shook hands with peer.
md main: DEBUG:2018-02-23 14h37.52 utc:25578: Serving OMP.
md main: DEBUG:2018-02-23 14h37.52 utc:25578: <= client Input may contain
password, suppressed.
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML start: authenticate (0)
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: client state set: 2
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML start: credentials (2)
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: client state set: 3
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML start: username (3)
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: client state set: 5
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML text: admin
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML end: username
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: client state set: 3
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML start: password (3)
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: client state set: 4
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML text: ********
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML end: password
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: client state set: 3
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML end: credentials
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: client state set: 2
md omp: DEBUG:2018-02-23 14h37.52 utc:25578: XML end: authenticate
md main: DEBUG:2018-02-23 14h37.52 UTC:25578: -> client:
<authenticate_response status="200"
status_text="OK"><role>Admin</role><timezone>UTC</timezone><severity>nist</severity></authenticate_response>
md omp: DEBUG:2018-02-23 14h37.52 UTC:25578: client state set: 1
md main: DEBUG:2018-02-23 14h37.52 UTC:25578: => client 144 bytes
md main: DEBUG:2018-02-23 14h37.52 UTC:25578: => client done
I know the username and password are correct. And the slave even sent a 200
response to the master so why is it not working???? So frustrating.
Louis
:::::
Louis Bohm - Sr. Systems Engineer
Dell TechDirect Certified
> On Feb 23, 2018, at 7:42 AM, Thijs Stuurman
> <[email protected]> wrote:
>
> Try the /var/lib/openvas/CA/cacert.pem from your slave.
>
> Thijs Stuurman
> Security Operations Center | KPN Internedservices B.V.
> [email protected]
> <mailto:[email protected]> | [email protected]
> <mailto:[email protected]>
> T: +31(0)299476185 | M: +31(0)624366778
> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/ <https://pgp.surfnet.nl/>)
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>
> W: https://www.internedservices.nl <https://www.internedservices.nl/> | L:
> https://nl.linkedin.com/in/thijsstuurman
> <https://nl.linkedin.com/in/thijsstuurman>
>
> Van: Louis Bohm [mailto:[email protected]]
> Verzonden: vrijdag 23 februari 2018 13:18
> Aan: Thijs Stuurman <[email protected]>
> CC: [email protected]
> Onderwerp: Re: [Openvas-discuss] Scanner Master Slave setup
>
> According to the doc it says to use:
> ${CMAKE_INSTALL_PREFIX}"/var/lib/openvas/CA/servercert.pem.
> On CentOS 7 that turns out to be: /var/lib/openvas/CA/servercert.pem
> according to openvas-manage-certs -V
> [root@pci-sec02 ~]# openvas-manage-certs -V
> OK: Directory for keys (/var/lib/openvas/private/CA) exists.
> OK: Directory for certificates (/var/lib/openvas/CA) exists.
> OK: CA key found in /var/lib/openvas/private/CA/cakey.pem
> OK: CA certificate found in /var/lib/openvas/CA/cacert.pem
> OK: CA certificate verified.
> OK: Certificate /var/lib/openvas/CA/servercert.pem verified.
> OK: Certificate /var/lib/openvas/CA/clientcert.pem verified.
>
> Is it not the servercert.pem from the slave openvas host that I am supposed
> to use?
>
> Louis
> :::::
> Louis Bohm - Sr. Systems Engineer
> Dell TechDirect Certified
>
> On Feb 23, 2018, at 5:09 AM, Thijs Stuurman
> <[email protected]
> <mailto:[email protected]>> wrote:
>
> My best guess is that you didn’t load in the right CA certificate from your
> slave at step:
>
> CA Certificate: The certificate you gathered from the slave
>
> Thijs Stuurman
> Security Operations Center | KPN Internedservices B.V.
> [email protected]
> <mailto:[email protected]> | [email protected]
> <mailto:[email protected]>
> T: +31(0)299476185 | M: +31(0)624366778
> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/ <https://pgp.surfnet.nl/>)
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>
> W: https://www.internedservices.nl <https://www.internedservices.nl/> | L:
> https://nl.linkedin.com/in/thijsstuurman
> <https://nl.linkedin.com/in/thijsstuurman>
>
> Van: Openvas-discuss [mailto:[email protected]
> <mailto:[email protected]>] Namens Louis Bohm
> Verzonden: donderdag 22 februari 2018 19:11
> Aan: [email protected]
> <mailto:[email protected]>
> Onderwerp: [Openvas-discuss] Scanner Master Slave setup
>
> I followed the following doc
> https://blog.haardiek.org/setup-openvas-as-master-and-slave.html
> <https://blog.haardiek.org/setup-openvas-as-master-and-slave.html> to set up
> the master slave environment with the exception that I am doing this on
> CentOS 7 with OpenVAS9.
>
> On the master I am getting this:
> lib serv: DEBUG:2018-02-22 17h59.10 UTC:22888: Connected to server
> ‘op4us1opsscan01.domain.net <http://op4us1opsscan01.domain.net/>' port 9393.
> lib serv: DEBUG:2018-02-22 17h59.10 UTC:22888: Shook hands with server
> 'op4us1opsscan01.domain.net <http://op4us1opsscan01.domain.net/>' port 9393.
> lib serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the
> certificate is not trusted
> lib serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the
> certificate hasn't got a known issuer
>
> On the client I am getting this:
> lib serv: DEBUG:2018-02-22 18h05.53 utc:20431: Shook hands with peer.
> md main: DEBUG:2018-02-22 18h05.53 utc:20431: Serving OMP.
>
> But in the GUI all I see is Status: Requested and it never changes.
>
> Any idea why this is not working?
>
> Louis
> :::::
> Louis Bohm - Sr. Systems Engineer
> Dell TechDirect Certified
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
