Re: [Openvas-discuss] Scanner Master Slave setup

Louis Bohm Fri, 23 Feb 2018 06:59:57 -0800

That yelled me this on the client but still the scan has not progressed from 
Requested.


Client:
lib  serv:  DEBUG:2018-02-23 14h37.52 utc:25578:    Shook hands with peer.
md   main:  DEBUG:2018-02-23 14h37.52 utc:25578:    Serving OMP.
md   main:  DEBUG:2018-02-23 14h37.52 utc:25578: <= client  Input may contain 
password, suppressed.
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML  start: authenticate (0)
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    client state set: 2
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML  start: credentials (2)
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    client state set: 3
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML  start: username (3)
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    client state set: 5
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML   text: admin
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML    end: username
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    client state set: 3
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML  start: password (3)
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    client state set: 4
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML   text: ********
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML    end: password
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    client state set: 3
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML    end: credentials
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    client state set: 2
md    omp:  DEBUG:2018-02-23 14h37.52 utc:25578:    XML    end: authenticate
md   main:  DEBUG:2018-02-23 14h37.52 UTC:25578: -> client: 
<authenticate_response status="200" 
status_text="OK"><role>Admin</role><timezone>UTC</timezone><severity>nist</severity></authenticate_response>
md    omp:  DEBUG:2018-02-23 14h37.52 UTC:25578:    client state set: 1
md   main:  DEBUG:2018-02-23 14h37.52 UTC:25578: => client  144 bytes
md   main:  DEBUG:2018-02-23 14h37.52 UTC:25578: => client  done
I know the username and password are correct.  And the slave even sent a 200 
response to the master so why is it not working????  So frustrating.

Louis
:::::
Louis Bohm - Sr. Systems Engineer
        Dell TechDirect Certified

> On Feb 23, 2018, at 7:42 AM, Thijs Stuurman 
> <thijs.stuur...@internedservices.nl> wrote:
> 
> Try the /var/lib/openvas/CA/cacert.pem from your slave.
>  
> Thijs Stuurman
> Security Operations Center | KPN Internedservices B.V.
> thijs.stuur...@internedservices.nl 
> <mailto:thijs.stuur...@internedservices.nl> | thijs.stuur...@kpn.com 
> <mailto:thijs.stuur...@kpn.com>
> T: +31(0)299476185 | M: +31(0)624366778
> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/ <https://pgp.surfnet.nl/>)
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>  
> W: https://www.internedservices.nl <https://www.internedservices.nl/> | L: 
> https://nl.linkedin.com/in/thijsstuurman 
> <https://nl.linkedin.com/in/thijsstuurman>
>  
> Van: Louis Bohm [mailto:lo...@systemgeek.net] 
> Verzonden: vrijdag 23 februari 2018 13:18
> Aan: Thijs Stuurman <thijs.stuur...@internedservices.nl>
> CC: openvas-discuss@wald.intevation.org
> Onderwerp: Re: [Openvas-discuss] Scanner Master Slave setup
>  
> According to the doc it says to use: 
> ${CMAKE_INSTALL_PREFIX}"/var/lib/openvas/CA/servercert.pem.
> On CentOS 7 that turns out to be: /var/lib/openvas/CA/servercert.pem 
> according to openvas-manage-certs -V
> [root@pci-sec02 ~]# openvas-manage-certs -V
> OK: Directory for keys (/var/lib/openvas/private/CA) exists.
> OK: Directory for certificates (/var/lib/openvas/CA) exists.
> OK: CA key found in /var/lib/openvas/private/CA/cakey.pem
> OK: CA certificate found in /var/lib/openvas/CA/cacert.pem
> OK: CA certificate verified.
> OK: Certificate /var/lib/openvas/CA/servercert.pem verified.
> OK: Certificate /var/lib/openvas/CA/clientcert.pem verified.
>  
> Is it not the servercert.pem from the slave openvas host that I am supposed 
> to use?
>  
> Louis
> :::::
> Louis Bohm - Sr. Systems Engineer
>             Dell TechDirect Certified 
>  
> On Feb 23, 2018, at 5:09 AM, Thijs Stuurman 
> <thijs.stuur...@internedservices.nl 
> <mailto:thijs.stuur...@internedservices.nl>> wrote:
>  
> My best guess is that you didn’t load in the right CA certificate from your 
> slave at step:
>  
> CA Certificate: The certificate you gathered from the slave
>  
> Thijs Stuurman
> Security Operations Center | KPN Internedservices B.V.
> thijs.stuur...@internedservices.nl 
> <mailto:thijs.stuur...@internedservices.nl> | thijs.stuur...@kpn.com 
> <mailto:thijs.stuur...@kpn.com>
> T: +31(0)299476185 | M: +31(0)624366778
> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/ <https://pgp.surfnet.nl/>)
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>  
> W: https://www.internedservices.nl <https://www.internedservices.nl/> | L: 
> https://nl.linkedin.com/in/thijsstuurman 
> <https://nl.linkedin.com/in/thijsstuurman>
>  
> Van: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org 
> <mailto:openvas-discuss-boun...@wald.intevation.org>] Namens Louis Bohm
> Verzonden: donderdag 22 februari 2018 19:11
> Aan: openvas-discuss@wald.intevation.org 
> <mailto:openvas-discuss@wald.intevation.org>
> Onderwerp: [Openvas-discuss] Scanner Master Slave setup
>  
> I followed the following doc 
> https://blog.haardiek.org/setup-openvas-as-master-and-slave.html 
> <https://blog.haardiek.org/setup-openvas-as-master-and-slave.html> to set up 
> the master slave environment with the exception that I am doing this on 
> CentOS 7 with OpenVAS9.
>  
> On the master I am getting this:
> lib  serv:  DEBUG:2018-02-22 17h59.10 UTC:22888:    Connected to server 
> ‘op4us1opsscan01.domain.net <http://op4us1opsscan01.domain.net/>' port 9393.
> lib  serv:  DEBUG:2018-02-22 17h59.10 UTC:22888:    Shook hands with server 
> 'op4us1opsscan01.domain.net <http://op4us1opsscan01.domain.net/>' port 9393.
> lib  serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the 
> certificate is not trusted
> lib  serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the 
> certificate hasn't got a known issuer
>  
> On the client I am getting this:
> lib  serv:  DEBUG:2018-02-22 18h05.53 utc:20431:    Shook hands with peer.
> md   main:  DEBUG:2018-02-22 18h05.53 utc:20431:    Serving OMP.
>  
> But in the GUI all I see is Status: Requested and it never changes.
>  
> Any idea why this is not working?
>  
> Louis
> :::::
> Louis Bohm - Sr. Systems Engineer
>             Dell TechDirect Certified

_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scanner Master Slave setup

Reply via email to