search

Secure-Compliance-Solutions-LLC / GVM-Docker

Greenbone Vulnerability Management Docker Image with OpenVAS
https://securecompliance.gitbook.io/projects/
MIT License
247 stars 91 forks source link

Remote Scanner #152

Closed kilimnik closed 3 years ago

kilimnik commented 3 years ago

Describe the bug I am trying to add a remote scanner to my main gvm docker. I found two ways you are describing this can be done, both fail. Without a comprehensive error message.

To Reproduce Steps to reproduce the behavior: From the GitBook

  1. Start the main gvm docker container
  2. Run docker run --volume scanner:/data --env MASTER_ADDRESS="gvm" --env MASTER_PORT=2222 --name scanner securecompliance/openvas The output this container produces is: 
    Running first start configuration...
Creating Openvas NVT sync user...
Getting Master SSH key...

    After that the container stops.

From the wiki

  1. Start the main gvm docker container
  2. Run docker run --volume scanner:/data --env MASTER_ADDRESS="gvm" --env MASTER_PORT=2222 --name scanner securecompliance/gvm:scanner The output this container produces is: 
    
Running first start configuration...
Creating Openvas NVT sync user...
20:C 06 Apr 2021 14:18:52.345 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
20:C 06 Apr 2021 14:18:52.346 # Redis version=5.0.7, bits=64, commit=00000000, modified=0, pid=20, just started
20:C 06 Apr 2021 14:18:52.346 # Configuration loaded
Wait for redis socket to be created...
Testing redis status...
Redis ready.
Fixing NVT Plugins folder...
Updating NVTs...
Starting Open Scanner Protocol daemon for OpenVAS...
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Your OpenVAS Scanner container is now ready to use! +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Scanner id: v0zu8oz25o Public key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPQv3QAJJKgWcK+YJ5E4mo4mlYr8v+0UNPYGONQ/J7v v0zu8oz25o Master host key (Check that it matches the public key from the master): cat: /data/ssh/known_hosts: No such file or directory


After that the container stops.

**Expected behavior**
I am unsure which method is the correct one, but one of them should start the container and keep it running.
kilimnik commented 3 years ago

I just realized, the problem was the gvm container wasn't accessible in the scanner container because of different networks. Now it works. An updated error message would enhance the experience.