Install OpenVAS on Kali Linux – Easy Step-by-Step Tutorial

It’s time to cover some vulnerability scanning! What better way to start this than with the installation of OpenVAS? Today I will show you how to install OpenVAS on Kali Linux in a step-by-step guide for you to follow along.

Table of Contents

⚠️ Kali Linux Wiki
➡️ Download Kali Linux Safe & Easy
➡️ Install Kali Linux on VirtualBox
➡️ Install Kali Linux on VMWare Workstation
➡️ Dual Boot Kali Linux with Windows
➡️ Install Kali Linux on WSL 2
➡️ Install Kali Linux on a Laptop
➡️ Install VSCode on Kali Linux
➡️ Install OpenVAS on Kali Linux
➡️ Install Docker on Kali Linux
➡️ WiFi Adapter for Kali Linux

What is OpenVAS?

OpenVAS is an open-source vulnerability scanner. OpenVAS started under the name of GNessUs, a fork of the previously open-source Nessus scanning tool (which costs you money now). OpenVAS is also under the GNU General Public License (GPL).

I personally used this software in many different kinds of assessments and was always satisfied with the results I got (keeping in mind that it is completely free).

Of course, tools like Nessus and NeXpose are more feature-rich, but they come with a high price tag too.

For starters, OpenVAS is simply perfect and gives you a good idea of how a vulnerability scanner works. I also found it very intuitive to work with.

So without further ado, let’s dive right into the installation.

Step 1 – Install OpenVAS on Kali Linux

The first thing we want to do is to make sure that our Kali installation is up-to-date. So open a terminal window and run:

sudo apt update && sudo apt upgrade -y
Code language: Bash (bash)

This will update your repository and upgrade your Kali, the -y at the end saves you a press of the button “Y” in the process.

The next thing we want to do is to install OpenVAS. Again in the Terminal type:

sudo apt install openvas
Code language: Bash (bash)

Confirm that you are aware that an additional ~1,2 Gigabyte of Disk Space will be used by pressing Y.

Now this will take a good while. Grab a coffee or prepare some Yerba Mate while we are waiting 🙂

Once that is done we will run another command in the terminal window:

sudo gvm-setup
Code language: Bash (bash)

Note: In case you run into a PostgreSQL error – check out the troubleshooting section at the end of this article.

This is going to take very long.

Install OpenVAS on Kali Linux

Phew… That took about 2 hours for me to finish. I still didn’t get why it takes so long, but just go for a long walk and come back later…

After the setup process is finished, don’t forget to note down your password that was generated at the end, you need it to log in for the first time.

Install OpenVAS on Kali Linux

Step 2 – Configuring OpenVAS

The installation is now finished. Next, we verify if our installation is working.

sudo gvm-check-setup
Code language: Bash (bash)

I got an error (SCAP DATA are missing), but if you look through the error message, you can see that you can fix it by running:

sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP
Code language: Bash (bash)

This fixed my issue.

First, we are starting the OpenVAS Service.

sudo gvm-start
Code language: Bash (bash)
Install OpenVAS on Kali

Now your OpenVAS Service should be up and running. OpenVAS listens on the Ports: 9390, 9391, 9392, and on Port 80. Your web browser should automatically open and lead to the OpenVAS Login Page.

If not, open a web browser manually and enter the URL

https://127.0.0.1:9392
Code language: Bash (bash)

The first time you want to open this URL you will get a security warning. Click on Advanced and Add an Exception.

Log in to OpenVAS on Kali

Remember the password you noted down before? Now we are going to need it.

Forgot your Admin Password?

Reset it by typing: sudo gvmd --user=admin --new-password=passwd;

Log in to OpenVAS with admin // your password

Install OpenVAS on Kali Linux

First things first – Navigate to To your User Profile / My Settings / Click on Edit and change the password.

Change OpenVAS Password

This is basically all you need to do. OpenVAS is now running and ready for use.

Step 3 – Running your first Scan

Now it’s time to run our first scan.

As this is just the installation part I won’t go into details, but I will show you quickly how to run your first scan. There will be more articles covering OpenVAS and we will continue looking into all of the different options we have and how to process scan results.

So the easiest way is simply to Navigate to Scans / Tasks and click on the little Magic Wand icon and start the Task Wizard.

Install OpenVAS on Kali Linux

Now you can enter either a single IP, a whole subnet, a range of IP Addresses, or a domain.

This will start a default-depth scan. Depending on the scale of the Network you want to scan this can take from a few minutes up to several hours or even days if the network is large enough and you choose a deep scan.

This and more will be covered in the next article for OpenVAS, which is coming soon.

Finding Exploits with OpenVAS

I created a video a while ago on how to find Exploits using OpenVAS, which basically goes through the whole process of scanning and then finding Exploits for your findings. The video is a bit older but still valid. Give it a watch if you want to learn how to use OpenVAS in-depth.

Troubleshooting

There is a lot that can go wrong during the installation of OpenVAS as some of our readers has pointed out, therefore, we decided to create a little extra section here, covering the most common errors.

PostgreSQL Version Errors v13 and v14

There are multiple possible version errors for PostgreSQL. As our reader Tom has pointed out, the first one is:

[>] Starting PostgreSQL service
[-] ERROR: The default PostgreSQL version (13) is not 14 that is required by libgvmd
[-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster

Solution:

Open the postgresql.conf file of version 14 and change the port to 5432:

sudo nano /etc/postgresql/14/main/postgresql.conf

Then open the postgresql.conf file of version 13 and check if the port is the same as in version 14. If it is the same – change it to 5433:

sudo nano /etc/postgresql/13/main/postgresql.conf

Restart the PostgreSQL service:

sudo systemctl restart postgresql

PostgreSQL Version Errors v14 and v15

During my installation, I got the following error affecting v14 and v15 of PostgreSQL:

[>] Starting PostgreSQL service
[-] ERROR: The default PostgreSQL version (14) is not 15 that is required by libgvmd
[-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster

Gladly, the solution to this problem was easier than the one above and might as well work for the problem above:

sudo systemcctl stop postgresql@14-main sudo /usr/bin/pg_dropcluster --stop 14 main
Code language: CSS (css)

OpenVAS failed to find config

Another common error is the failed to find config ‘long-string-value’ message. There are multiple possible solutions for this issue. The one that worked for me is the following:

sudo runuser -u _gvm – gvmd --get-scanners
Code language: JavaScript (javascript)

Note down the scanner ID.

Then run:

sudo runuser -u _gvm – gvmd --get-users --verbose
Code language: JavaScript (javascript)

This gives you the users, including their IDs. You are probably an admin. To solve the issue, enter:

sudo runuser -u _gvmgvmd --modify-scanner [scanner id] --value [user id]
Code language: CSS (css)

Conclusion

This is how easy it is to install OpenVAS on Kali Linux and start a basic scan. There is a lot more to learn about OpenVAS, but this should get you up and running in no time!

👀 This Tutorial has some related Articles!
👉 How to get started in Cyber Security – The Complete Guide
👉 How to get started with Bug Bounties
👉 Terminal Customization Series
👉 Best Ethical Hacking Books
👉 Download Kali Linux Safe & Easy
👉 Best Ethical Hacking Tools
👉 Install VSCode on Kali Linux
👉 Dual Boot Kali Linux with Windows
👉 Install Kali Linux on VirtualBox – Complete Beginner Guide
👉 Top Things to do after installing Kali Linux
👉 WiFi Adapter for Kali Linux – The Ultimate Guide
👉 Nmap Beginner Guide Series
👉 Metasploit Tutorial Series
👉 Burp Suite Beginner Guide

34 thoughts on “Install OpenVAS on Kali Linux – Easy Step-by-Step Tutorial”

  1. i am trying to install it on kali 22.4 i have gone through all the comment and procedure still facing the redis issue.
    ValueError: Redis URL must specify one of the following schemes (redis://, rediss://>

    i have deleted one of the two redis config files as well still the same error in starting the service.

    please give solution.

    Reply
    • this is my conf file, please correct if anything wrong

      [OSPD – openvas]
      log_level = INFO
      socket_mode = 0o770
      unix_socket = /run/ospd/ospd.sock
      pid_file = /run/ospd/ospd-openvas.pid
      log_file = /var/log/gvm/ospd-openvas.log
      redis_url = redis://127.0.0.1:6379
      kb_location=/var/run/redis/redis.sock

      Reply
  2. Hi Stefan

    Thank you do this well documented procedure.
    but unfortunately I am in trouble trying to install openVAS on my KALI 2022.4 (updated and upgraded today)
    gvm-check-setup 22.4.0 reports :

    Step 2: Checking GVMD Manager …
    OK: GVM Manager (gvmd) is present in version 22.4.0~dev1.
    Step 3: Checking Certificates …
    OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
    OK: Your GVM certificate infrastructure passed validation.
    Step 4: Checking data …
    OK: SCAP data found in /var/lib/gvm/scap-data.
    OK: CERT data found in /var/lib/gvm/cert-data.
    Step 5: Checking Postgresql DB and user …
    OK: Postgresql version and default port are OK.
    gvmd | _gvm | UTF8 | en_US.UTF-8 | en_US.UTF-8 | | libc |
    16435|pg-gvm|10|2200|f|22.4.0||
    OK: At least one user exists.
    Step 6: Checking Greenbone Security Assistant (GSA) …
    Oops, secure memory pool already initialized
    OK: Greenbone Security Assistant is present in version 22.04.0~git.
    Step 7: Checking if GVM services are up and running …
    Starting ospd-openvas service
    Job for ospd-openvas.service failed because the control process exited with error code.
    See “systemctl status ospd-openvas.service” and “journalctl -xeu ospd-openvas.service” for details.
    Waiting for ospd-openvas service
    Waiting for ospd-openvas service
    ERROR: ospd-openvas service did not start.
    Please check journalctl -xe

    ERROR: Your GVM-22.4.0 installation is not yet complete!

    Please follow the instructions marked with FIX above and run this
    script again.
    —-
    problem is that there is no FIX to help to solve the problem.

    journalctl is reporting :
    déc. 08 19:25:05 kali ospd-openvas[25746]: super().__init__(self.DEFAULT_INDEX, ctx)
    déc. 08 19:25:05 kali ospd-openvas[25746]: File “/usr/lib/python3/dist-packages/ospd_openvas/db.>
    déc. 08 19:25:05 kali ospd-openvas[25746]: self.ctx = OpenvasDB.create_context(kbindex)
    déc. 08 19:25:05 kali ospd-openvas[25746]: File “/usr/lib/python3/dist-packages/ospd_openvas/db.>
    déc. 08 19:25:05 kali ospd-openvas[25746]: ctx = redis.Redis.from_url(
    déc. 08 19:25:05 kali ospd-openvas[25746]: File “/usr/lib/python3/dist-packages/redis/client.py”>
    déc. 08 19:25:05 kali ospd-openvas[25746]: connection_pool = ConnectionPool.from_url(url, **kw>
    déc. 08 19:25:05 kali ospd-openvas[25746]: File “/usr/lib/python3/dist-packages/redis/connection>
    déc. 08 19:25:05 kali ospd-openvas[25746]: url_options = parse_url(url)
    déc. 08 19:25:05 kali ospd-openvas[25746]: File “/usr/lib/python3/dist-packages/redis/connection>
    déc. 08 19:25:05 kali ospd-openvas[25746]: raise ValueError(
    déc. 08 19:25:05 kali ospd-openvas[25746]: ValueError: Redis URL must specify one of the following>
    déc. 08 19:25:05 kali systemd[1]: ospd-openvas.service: Control process exited, code=exited, statu>
    ░░ Subject: Unit process exited
    ░░ Defined-By: systemd
    ░░ Support: https://www.debian.org/support
    ░░
    ░░ An ExecStart= process belonging to unit ospd-openvas.service has exited.
    ░░
    ░░ The process’ exit code is ‘exited’ and its exit status is 1.
    déc. 08 19:25:05 kali systemd[1]: ospd-openvas.service: Failed with result ‘exit-code’.
    ░░ Subject: Unit failed
    ░░ Defined-By: systemd
    ░░ Support: https://www.debian.org/support
    ░░
    ░░ The unit ospd-openvas.service has entered the ‘failed’ state with result ‘exit-code’.
    déc. 08 19:25:05 kali systemd[1]: Failed to start OSPd Wrapper for the OpenVAS Scanner (ospd-openv>
    ░░ Subject: L’unité (unit) ospd-openvas.service a échoué
    ░░ Defined-By: systemd
    ░░ Support: https://www.debian.org/support
    ░░
    ░░ L’unité (unit) ospd-openvas.service a échoué, avec le résultat failed.

    do you have any hints for me to solve the problem and be able to try openVAS ?
    thank you in advance for your time to read this and evenmore if you can help me.

    Reply
  3. Kali version : 2022.4
    GVM : 22.4.0

    While following the instruction, I encountered several problems :
    1. Postgresql 14 / 15 issues

    Following the instruction mentioned above, the issue can be solved, but make sure you reconfigure the postgresql.conf with the right port ( 5432).

    2. under /etc/redis/ there are 2 configuration files , I managed to remove the redis.conf then restart the redis service to make it work

    3. If you encountered the postgresql conf issue, make certain after you modify the configuration file, you have to re-run “sudo gvm-setup” again, otherwise you will not be able to generate the admin and password, and you will not be able to initiate the GVM.

    Reply
  4. Hi! When I run sudo gvm-check-setup I get an error saying:

    Step 5: Checking Postgresql DB and user …
    /usr/bin/gvm-check-setup: line 392: [: =: unary operator expected
    /usr/bin/gvm-check-setup: line 398: [: -ne: unary operator expected
    OK: Postgresql version and default port are OK.
    gvmd | _gvm | UTF8 | en_US.UTF-8 | en_US.UTF-8 | | libc |
    16439|pg-gvm|10|2200|f|22.4.0||
    ERROR: No users found. You need to create at least one user to log in.
    FIX: create a user by running ‘sudo runuser -u _gvm — gvmd –create-user= –password=’

    I ran sudo runuser -u _gvm — gvmd –create-user= –password=’ but still could not fix it.
    I am running GVM 22.4.0 on Kali 2022.4. Any ideas how to fix this?

    Reply
    • Hm, that is one error I haven’t encountered.

      Are you sure you followed every step? If yes, did you try to google the exact error message?

      I know installing OpenVAS can be frustrating since there are so many variables at play, that’s why I created this tutorial – but still we can’t get it to work for everyone 🙁

      Reply
  5. Got Postgresql error on gvm-setup. Solution:

    https://vedran-zulin.from.hr/en/it/security/158-openvas-kali-fixing-the-default-postgresql-version-13-is-not-14-that-is-required-by-libgvmd-error.html

    From time to time the error from the subject can appear while trying to finish the OpenVAS installation (on your Kali instance).

    Basically, after issuing the sudo gvm-setup command, the following messages may appear:

    [>] Starting PostgreSQL service
    [-] ERROR: The default PostgreSQL version (13) is not 14 that is required by libgvmd
    [-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster

    One of the most probable reasons what may be preventing the service start is the port configuration – the following changes have to be done:

    sudo nano /etc/postgresql/14/main/postgresql.conf – search for port and change it to 5432;
    sudo nano /etc/postgresql/13/main/postgresql.conf – check whether the port is the same as in the config. file above – if so, change it to e.g. 5433 (this must be different!)
    run sudo systemctl restart postgresql
    (re)run sudo gvm-setup and wait for the procedure to end (updating the GVM feeds may take a while).

    Reply
    • Thank you very much for pointing that out, Tom!

      I just went ahead and recorded the OpenVAS video and while doing so, encountered that same error.

      Although, on the latest Kali version I run into the problem that I was getting the same error with Postgresql version 14 and 15.

      Your solution didn’t work for me, I had to do the following:

      sudo systemcctl stop [email protected]
      sudo /usr/bin/pg_dropcluster –stop 14 main

      Post will be updated including your and my solution!

      Reply
  6. The following command causes file lock error (Could not open lock file /var/lib/dpkg/lock-frontend):

    sudo apt update && apt upgrade -y

    Should be:

    sudo apt update && sudo apt upgrade -y

    Reply
  7. Many thanks for the excellent article Stefan. I hadn’t used OpenVAS in quite some time and your article really helped me get it up and running. I was stuck until you shared the gvm-setup command. I did hit one more snag. I got the following error: Failed to find config ”.

    I found the solution here: https://community.greenbone.net/t/cant-create-a-scan-config-failed-to-find-config/5509/12. Basically, run the following commands:

    sudo runuser -u _gvm — greenbone-nvt-sync
    sudo runuser -u _gvm — gvmd –get-scanners
    (note your scanner id)
    sudo runuser -u _gvm — gvmd –get-users –verbose
    (note your user id)
    sudo runuser -u _gvm — gvmd –modify-scanner [scanner id] –value [user id]

    Reply
  8. Great article and instruction for the installs. I ran into a slight problem when i try to execute “openvas-setup” after installation. System responds command not found

    “Reading package lists… Done
    Building dependency tree… Done
    Reading state information… Done
    openvas is already the newest version (21.4.3).
    The following packages were automatically installed and are no longer required:
    kali-wallpapers-2021.4 libaom0 libcbor0 libcodec2-0.9 libfluidsynth2
    libfmt7 libgdal29 libgdk-pixbuf-xlib-2.0-0 libgdk-pixbuf2.0-0
    libgeos3.10.1 libigdgmm11 libodbc1 libodbccr2 libqhull8.0 libvpx6
    libwireshark14 libwiretap11 libwsutil12 odbcinst odbcinst1debian2
    python3-orjson ruby-atomic ruby-thread-safe
    Use ‘apt autoremove’ to remove them.
    0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

    ┌──(root💀kali)-[~]
    └─# openvas-setup
    openvas-setup: command not found

    Reply
  9. If you in trouble to execute openvas-setup… it will probably because the project was renamed, so instead of the ‘openvas-setup’ use ‘gvm-setup’.

    Reply
  10. Just a heads-up: The commands no longer work and ‘gvm’ should be used instead of ‘openvas’.
    See https://en.wikipedia.org/wiki/OpenVAS: ‘The OpenVAS framework got renamed to Greenbone Vulnerability Management (GVM) and OpenVAS (now Open Vulnerability Assessment Scanner) is now only a part of it. The article should be updated to reflect this change.. Relevant discussion may be found on the talk page. Please update this to reflect recent events or newly available information. (May 2020)’

    Reply
  11. Thanks for the great articles. i followed the Top Things to do after installing KaliLinux and found the link to installing OpenVAS and running the first scan. Have you added additional articles about OpenVAS? If so, can you provide the links?

    Reply
  12. I got the install to run, and it LOOKS like it’s running and listening in a netstat, but I can’t hit the web interface on the localhost. The „site can’t be reached“. This is after dealing with the security warning. I just can’t get to the dashboard to login that first time.

    Reply
  13. Hi If you are using Kali linux 2017.1 then installation is become a problem. to solve this follow my steps:-
    open a terminal try this command

    #apt-get update
    #apt get install openvas
    E:Unable to locate package openvas

    then follow this steps:-
    in a new terminal type
    #sudo leafpad /etc/apt/sources.list

    leaf pad will open edit and save the source list with this scripts:

    deb https://mirrors.ocf.berkeley.edu/kali kali-rolling main contrib non-free
    # For source package access, uncomment the following line
    deb-src https://mirrors.ocf.berkeley.edu/kali kali-rolling main contrib non-free

    deb http://security.debian.org/ stretch/updates main

    after save it come back to a new terminal and type

    #apt-get install openvas

    -its start installing other process is just like same

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Copy link
Powered by Social Snap