Kali Linux Install Guide#

This documentation provides instructions on how to install Greenbone Community Edition from the Kali Linux native repository. The install packages are maintained by Offensive Security. Any bugs discovered during installation or use should be reported to Kali Linux Bug Tracker. Guidelines for submitting bugs to Kali Linux can be found here.

Important

Greenbone does not hold responsibility for use of the Greenbone Community Edition installed via the native Kali Linux packages, and is not involved in the packaging process of the Greenbone Community Edition for Kali Linux.

Installing Greenbone Community Edition on Kali Linux#

Quick Start Install#

For those who want a quick start guide, here is an overview of the standard installation process:

  1. Update Kali Linux with sudo apt update.

  2. Install Greenbone Community Edition with sudo apt install gvm.

  3. Configure Greenbone Community Edition with sudo gvm-setup and note the provided admin password from the output

  4. Check the install status with gvm-check-setup.

  5. Visit https://127.0.0.1:9392 and log in using the credentials output in step 3.

  6. Verify the feed status before starting your first scan.

Detailed Installation Instructions#

In this section includes a more detailed look at each step of the installation process.

1. Update Kali Linux#

The first step is to update the system’s local package lists for repositories and PPAs (Personal Package Archives). Kali Linux is a “rolling” distribution which means that it continuously updates all of its software (the kernel, libraries, applications, and other system software) to the latest versions without requiring a complete OS reinstallation. Rolling releases typically offer the latest versions of software soon after they are released.

Therefore, It’s highly advised to also do a full package upgrade before installing gvm since Greenbone Community Edition requires the newest version of PostgreSQL. If you are having trouble upgrading and configuring PostgreSQL during the installation process, see the troubleshooting section.

Warning

System upgrades may result in changes to the existing kernel, libraries, and software that could interfere with existing functionality. Before doing an upgrade you should make a complete backup of all critical files on your system including the contents of your PostgreSQL database.

Full package list update and system upgrade#
sudo apt update && sudo apt upgrade

2. Install Greenbone Community Edition#

Greenbone Community Edition and required dependencies can be installed with a single command:

sudo apt install gvm -y

Note that this is the same as executing the command:

sudo apt install openvas -y

3. Run The Automatic Configuration Script#

After installing the required packages, a configuration script must be run to complete the installation. To run the automatic configuration execute the command:

Note

During gvm-setup you must record the default password created for the admin user.

sudo gvm-setup

4. Verify The Installation#

The Kali Linux native installation includes a script to verify the installed services. This script can be run using the command:

sudo gvm-check-setup

If your installation has been successfully configured, you will see the following message at the end of the verification out:

It seems like your GVM-22.5.0 installation is OK.

Starting And Stopping Greenbone Community Edition#

The following commands can be used to start and stop Greenbone Community Edition and all its required services:

Start all services#
sudo gvm-start
Stop all services#
sudo gvm-stop

5. Log Into The Greenbone Web Interface#

Once the installation is complete you can log into the GSA web interface by visiting https://127.0.0.1:9392 in your browser and providing the default admin credentials from step 3.

6. Verify The Feed Status#

Before starting the first scan, Greenbone needs to parse the vulnerability feeds and store them into the gvmd PostgreSQL database, otherwise, it will not be able to initialize or complete scans without errors. This process is initialized during the setup stage, but typically takes anywhere from a few minutes to several hours to complete, depending on your system resources.

The feed status can be checked by going to the Feed Status page from the Configuration section in the top menu bar.

Community Feed Synchronization#

The standard greenbone-feed-sync commands must be used to maintain current security information. A detailed guide on using the greenbone-feed-sync command is available here.

Optional Configurations#

The Greenbone Community Edition on Kali Linux installation relies on the same sub-system components as the source code installation and all configuration options are available. Let’s cover some common custom configurations.

Configure Remote Access To The Web Interface#

By default Greenbone Community Edition is installed with only localhost access to the GSA web interface. This means Greenbone Community Edition can only be accessed via the IP address 127.0.0.1. To enable remote access to the web interface, the gsad systemd service file must be modified.

Edit the contents of the gsad.service systemd service file:

Use nano to edit the gsad.sevice file#
nano /usr/lib/systemd/service/gsad.service

Change the value of the --listen argument to 0.0.0.0 and optionally change the value of --port to the standard SSL/TLS port 443:

-ExecStart=/usr/local/sbin/gsad --foreground --listen=127.0.0.1 --port=9392
+ExecStart=/usr/local/sbin/gsad --foreground --listen=0.0.0.0 --port=443

Setting A Password Policy#

The password policy configuration file defines the rules for user passwords such as minimum length, complexity, and expiration period, ensuring that all user passwords adhere to the desired security standards.

Edit the Greenbone Community Edition password policy configuration#
nano /etc/gvm/pwpolicy.conf

Log And Configuration File Locations#

Here are the locations of the various Greenbone Community Edition log and configuration files.

View all Greenbone Community Edition log files#
ls /var/log/gvm
View the OpenVAS Scanner configuration files#
ls /etc/openvas
View the other Greenbone Community Edition configuration files#
ls /etc/gvm