Configure the local security checks in OpenVAS-Client <= 2.0.1Debian Local Security ChecksCreating users for local security checks without the OpenVAS LSC Credentials ManagerCreate users for local security checks on target sytems

Create users for local security checks on target sytems

In order to allow logins, on each target system you have to add one of the created users (assuming the created user is called username):

# adduser --disabled-password username
Name: OpenVAS Local Security Checks
# su - username
$ mkdir .ssh
$ cp /some/path/.openvas/.ssh/id_rsa_username.pub .ssh/authorized_keys
$ chmod 500 .ssh
$ chmod 400 .ssh/authorized_keys

Of course you have to replace 'sshovas' with the username you specified.

If you can install rpm packages on the target systems and use a recent client (>= 2.0.4) you can also use the installer packages created by the OpenVAS LSC Credentials Manager.

This requires the tools 'rpm', 'alien' or 'nsis' on the client machine, depending on the target machine where an account should be installed on.

To do so, open the OpenVAS LSC Credentials Manager (menu item "LSC Credentials Manager" in the "Extras" menu), and select the appropriate account to find out where the rpm package is located.

Next, copy the package to the target system, e.g. using scp

scp ~/.openvas/lsc-mngt/openvas_lsc_target_preparation_officeuseraccount.rpm user@target:~

On the target system you can install the package ('rpm -i'), which will create the user and copy the key file as in the example above.

In principle, the same process should allows you to install users on deb- based systems (like Debian and Ubuntu) as well (with 'dpkg -i' instead of 'rpm -i').

Note that when you remove the package, the user and the content of its home directory will be removed as well.


Configure the local security checks in OpenVAS-Client <= 2.0.1Debian Local Security ChecksCreating users for local security checks without the OpenVAS LSC Credentials ManagerCreate users for local security checks on target sytems