Kali Linux Install Guide

This documentation provides instructions on how to install Greenbone Community Edition from the Kali Linux native repository. The install packages are maintained by Offensive Security. Any bugs discovered during installation or use should be reported to Kali Linux Bug Tracker. Guidelines for submitting bugs to Kali Linux can be found here.

Important

Greenbone does not hold responsibility for use of the Greenbone Community Edition installed via the native Kali Linux packages, and is not involved in the packaging process of the Greenbone Community Edition for Kali Linux.

Installing Greenbone Community Edition on Kali Linux

Quick Start Install

For those who want a quick start guide, here is an overview of the standard installation process:

  1. Update Kali Linux with sudo apt update.

  2. Install Greenbone Community Edition with sudo apt install gvm.

  3. Configure Greenbone Community Edition with sudo gvm-setup and note the provided admin password from the output

  4. Check the install status with gvm-check-setup.

  5. Visit https://127.0.0.1:9392 and log in using the credentials output in step 3.

  6. Verify the feed status before starting your first scan.

Detailed Installation Instructions

In this section includes a more detailed look at each step of the installation process.

1. Update Kali Linux

The first step is to update the system’s local package lists for repositories and PPAs (Personal Package Archives). Kali Linux is a “rolling” distribution which means that it continuously updates all of its software (the kernel, libraries, applications, and other system software) to the latest versions without requiring a complete OS reinstallation. Rolling releases typically offer the latest versions of software soon after they are released.

Therefore, It’s highly advised to also do a full package upgrade before installing gvm since Greenbone Community Edition requires the newest version of PostgreSQL. If you are having trouble upgrading and configuring PostgreSQL during the installation process, see the troubleshooting section.

Warning

System upgrades may result in changes to the existing kernel, libraries, and software that could interfere with existing functionality. Before doing an upgrade you should make a complete backup of all critical files on your system including the contents of your PostgreSQL database.

Full package list update and system upgrade
sudo apt update && sudo apt upgrade

2. Install Greenbone Community Edition

Greenbone Community Edition and required dependencies can be installed with a single command:

sudo apt install gvm -y

Note that this is the same as executing the command:

sudo apt install openvas -y

3. Run The Automatic Configuration Script

After installing the required packages, a configuration script must be run to complete the installation. To run the automatic configuration execute the command:

Note

During gvm-setup you must record the default password created for the admin user.

sudo gvm-setup

4. Verify The Installation

The Kali Linux native installation includes a script to verify the installed services. This script can be run using the command:

sudo gvm-check-setup

If your installation has been successfully configured, you will see the following message at the end of the verification out:

It seems like your GVM-22.5.0 installation is OK.

Starting And Stopping Greenbone Community Edition

The following commands can be used to start and stop Greenbone Community Edition and all its required services:

Start all services
sudo gvm-start
Stop all services
sudo gvm-stop

5. Log Into The Greenbone Web Interface

Once the installation is complete you can log into the GSA web interface by visiting https://127.0.0.1:9392 in your browser and providing the default admin credentials from step 3.

6. Verify The Feed Status

Before starting the first scan, Greenbone needs to parse the vulnerability feeds and store them into the gvmd PostgreSQL database, otherwise, it will not be able to initialize or complete scans without errors. This process is initialized during the setup stage, but typically takes anywhere from a few minutes to several hours to complete, depending on your system resources.

The feed status can be checked by going to the Feed Status page from the Configuration section in the top menu bar.

Community Feed Synchronization

The standard greenbone-feed-sync commands must be used to maintain current security information. A detailed guide on using the greenbone-feed-sync command is available here.

Optional Configurations

The Greenbone Community Edition on Kali Linux installation relies on the same sub-system components as the source code installation and all configuration options are available. Let’s cover some common custom configurations.

Configure Remote Access To The Web Interface

By default Greenbone Community Edition is installed with only localhost access to the GSA web interface. This means Greenbone Community Edition can only be accessed via the IP address 127.0.0.1. To enable remote access to the web interface, the gsad systemd service file must be modified and the gsad service must be restarted.

Edit the contents of the gsad.service systemd service file:

Use nano to edit the gsad.sevice file
nano /usr/lib/systemd/system/gsad.service

Change the value of the --listen argument to 0.0.0.0 and optionally change the value of --port to the standard SSL/TLS port 443:

-ExecStart=/usr/local/sbin/gsad --foreground --listen=127.0.0.1 --port=9392
+ExecStart=/usr/local/sbin/gsad --foreground --listen=0.0.0.0 --port=443

Restart the gsad service:

sudo systemctl daemon-reload
sudo systemctl restart gsad

Setting A Password Policy

The password policy configuration file defines the rules for user passwords such as minimum length, complexity, and expiration period, ensuring that all user passwords adhere to the desired security standards.

Edit the Greenbone Community Edition password policy configuration
nano /etc/gvm/pwpolicy.conf

Log And Configuration File Locations

Here are the locations of the various Greenbone Community Edition log and configuration files.

View all Greenbone Community Edition log files
ls /var/log/gvm
View the OpenVAS Scanner configuration files
ls /etc/openvas
View the other Greenbone Community Edition configuration files
ls /etc/gvm