Setting up GVM10

From Alpine Linux
Revision as of 16:39, 15 May 2020 by Fcolista (talk | contribs) (Updated the page with GVM-11)
Jump to: navigation, search

Greenbone Vulnerability Management (GVM) 11


OpenVAS with version 11 has been renamed in Greenbone Vulnerability Management and it is available in community repository.

This How-To will guide you to install a complete server solution for vulnerability scanning and vulnerability management solution.


Enable the community repository and install the required packages:

apk add openvas openvas-config gvmd gvm-libs greenbone-security-assistant ospd-openvas



OpenVAS relies on PostgreSQL, that now is mandatory.

Start PostgreSQL and add it to default runlevel:

rc-service postgresql setup
rc-service postgresql start
rc-update add postgresql

Create and configure the gvm database:

su - postgres
createuser -DRS gvm
createdb -O gvm gvmd
psql gvmd
create role dba with superuser noinherit;
grant dba to gvm;
create extension if not exists "uuid-ossp";
create extension "pgcrypto";


GVMd run as gvm user. Generate the certificate. The certificate infrastructure enables GVMd to communicate in a secure manner and is used for authentication and authorization before establishing TLS connections between the daemons. You can setup the certificate automatically with:

su - gvm
gvm-manage-certs -a

Create credentials used to interact with gvmd:

gvmd --create-user=admin --password=admin

Update GVM definitions

Download the GVM definitions and start GVMd, as root user. Be will take a while:

rc-service gvmd start

Add gvmd to start on boot:

rc-update add gvmd

NVT definitions can be downloaded as gvm user:

su - gvm

Greenbone Security Assistant (GSAD)

Configure Greenbone Security Assistant (GSAD) to listen to other interfaces rather than localhost only, so it is reachable from other hosts.

Modify /etc/conf.d/gsad: with:


Or, in one shot:

sed -i -e "s/127\.0\.0\.1/0\.0\.0\.0/g" /etc/conf.d/gsad

Start GSAD and add it to default runlevel:

rc-service gsad start
rc-update add gsad

Open the browser at the IP address where GSAD is running, on port 9392, and login with the credentials previously created.

Happy vulnerability assestment!