Howto: Perform local security checks
This text explains how to run local security checks with OpenVAS. So far, this procedure has been tested only with Debian local security checks.
Create users for local security checks
First, you need a key with certificate:
    $ ssh-keygen -t rsa -f ~/.ssh/id_rsa_sshovas -C "OpenVAS-Local-Security-Checks-Key"
    $ openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa_sshovas -out sshovas_rsa.p8
Note: The comment (here: "OpenVAS-Local-Security-Checks-Key") should not contain spaces.
Currently, you need an RSA PKCS8 key for OpenVAS local security checks.
Note: openssl will ask you for an "Encryption key" when generating your key with the command described above. This is the passphrase you will need to remember when using this key with OpenVAS, not the passphrase you entered when running the ssh-keygen command.
Important: If you plan to use this key with OpenVAS versions from the 1.0.x series, be aware of a bug in OpenVAS that prevents logins with PKCS8 keys whose passphrases consist only of numbers. If you get an "Unable to load key" error, be sure to include at least one non-numerical character in your passphrase.
Now, for each target system:
    # adduser --disabled-password sshovas
    Name: OpenVAS Local Security Checks
    # su - sshovas
    $ mkdir .ssh
    $ cp /some/path/id_rsa_sshovas.pub .ssh/authorized_keys
    $ chmod 500 .ssh
    $ chmod 400 .ssh/authorized_keys
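As an added example (not part of the original howto or of OpenVAS), the following shell functions check the points the steps above depend on: a key comment without spaces, an encrypted PKCS8 key file, a passphrase that is not digits only, and the 500/400 permissions on the target. The function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: preflight checks for the key and account set up above.
# All function names are hypothetical; nothing here is part of OpenVAS.

# A public key line is "type base64 comment": exactly three fields means the
# comment is present and contains no spaces.
pubkey_comment_ok() {
    awk 'NR == 1 { ok = (NF == 3) } END { exit (ok ? 0 : 1) }' "$1"
}

# An encrypted PKCS8 key in PEM form starts with this header; the private
# key file written by ssh-keygen does not.
pkcs8_encrypted_ok() {
    head -n 1 "$1" | grep -qx -e '-----BEGIN ENCRYPTED PRIVATE KEY-----'
}

# OpenVAS 1.0.x fails to load keys whose passphrase is digits only.
# An empty passphrase is rejected here as well.
passphrase_ok() {
    case "$1" in
        *[!0-9]*) return 0 ;;
        *)        return 1 ;;
    esac
}

# First ten characters of "ls -ld" output: file type plus permission bits.
mode_string() {
    ls -ld "$1" 2>/dev/null | cut -c1-10
}

# Target side: .ssh must be mode 500 and authorized_keys mode 400.
account_perms_ok() {
    [ "$(mode_string "$1/.ssh")" = "dr-x------" ] &&
        [ "$(mode_string "$1/.ssh/authorized_keys")" = "-r--------" ]
}

# Usage: script PUBKEY PKCS8KEY ACCOUNT_HOME
# The key files live on the scanning host and the account home on the target.
if [ "$#" -eq 3 ]; then
    pubkey_comment_ok "$1"  || echo "FAIL: comment missing or has spaces: $1"
    pkcs8_encrypted_ok "$2" || echo "FAIL: not an encrypted PKCS8 PEM key: $2"
    account_perms_ok "$3"   || echo "FAIL: want .ssh 500, authorized_keys 400: $3"
fi
```

passphrase_ok takes the passphrase as a string argument, so call it from an interactive shell function or a prompt rather than passing the passphrase on a command line that other users can see.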
Configure the local security checks in OpenVAS-Clients
In Preferences, configure SSH Authorization:
    SSH login name: sshovas
    SSH private key: ~/.ssh/sshovas_rsa.p8
    SSH key passphrase: ********
    SSH public key: ssh/id_rsa_sshovas.pub
Note: Submitting the public key should not actually be necessary, but it is currently required due to a bug inherited from Nessus.
Next, make sure you select at least these NVTs:
    Debian Local Security Checks/*
    Misc/Determine List of installed packages via SSH login
    Service Detection/Services
    Settings/Global variable settings
    Settings/SSH Authorization
or ensure dependencies are resolved at runtime (see checkboxes) if you select only some local security checks.