在root下在OpenVAS 7上运行以下命令时(其中gb_iojs_detect_win.nasl是OpenVAS插件之一。其他插件导致相同的错误):
openvas-nasl gb_iojs_detect_win.nasl
导致此错误:
base gpgme-Message: Setting GnuPG homedir to '/usr/local/var/lib/openvas/gnupg'
base gpgme-Message: Using OpenPGP engine version '1.4.16'
base gpgme-Message: Setting GnuPG sysconf homedir to '/usr/local/etc/openvas/gnupg'
gb_iojs_detect_win.nasl: bad or missing signature. Will not execute this script
请注意,我确实关注了this page并设置了nasl_no_signature_check = yes,但此错误仍然存在。
谢谢!任何帮助将不胜感激!
答案 0 :(得分:0)
执行以下操作并按照提示进行操作:
gpg --homedir=/usr/local/etc/openvas/gnupg --gen-key
然后执行:
wget http://www.openvas.org/OpenVAS_TI.asc -P /tmp
gpg --homedir=/usr/local/etc/openvas/gnupg --import /tmp/OpenVAS_TI.asc
gpg --homedir=/usr/local/etc/openvas/gnupg --list-keys
gpg --homedir=/usr/local/etc/openvas/gnupg --lsign-key 48DB4530
答案 1 :(得分:0)
执行上述操作并更新您的Feed插件
答案 2 :(得分:0)
由于文件不足,我也在努力解决这个问题。
您需要提供-X标记,这意味着身份验证模式,这显然意味着“不要进行签名检查"
答案 3 :(得分:0)
我在使用OpenVAS 9时遇到了这个问题,但是根据来自@DW的说明,我读了关于受信任的NVT的docs,他们提到他们将开始使用以12/1开始的新密钥。 / 18。
但是,当我运行openvassd -f看看它在做什么时,我注意到只有一些插件校验和失败了,我想他们已经在用新密钥对它们进行签名了。 / p>
checksum for /var/lib/openvas/plugins/gb_electrasoft_32bit_ftp_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_atlassian_confluence_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_synology_dsm_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_quixplorer_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_yealink_ip_phone_detect.nasl not matching
checksum for /var/lib/openvas/plugins/secpod_neon_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_torrent_trader_classic_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_simatic_s7_snmp_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_sophos_xg_detect_userportal.nasl not matching
checksum for /var/lib/openvas/plugins/gb_keycloak_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_wd_wdtv_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_get_http_banner.nasl not matching
checksum for /var/lib/openvas/plugins/gb_orion_nta_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_gather_windows_uptime.nasl not matching
checksum for /var/lib/openvas/plugins/gb_teleopti_wfm_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_asp_dotnet_core_detect_win.nasl not matching
checksum for /var/lib/openvas/plugins/eggdrop_detect.nasl not matching
checksum for /var/lib/openvas/plugins/gb_f5_linerate_lros_version.nasl not matching
checksum for /var/lib/openvas/plugins/gb_mikrotik_router_routeros_consolidation.nasl not matching
但是,解决方法是仅使用相同的说明(必须为Ubuntu / Debian修改config目录的路径),但使用的是更新的密钥。之后,校验和通过确认就可以了:
wget https://www.greenbone.net/GBCommunitySigningKey.asc -P /tmp
gpg --homedir=/etc/openvas/gnupg --import /tmp/GBCommunitySigningKey.asc
gpg --homedir=/etc/openvas/gnupg --list-keys
gpg --homedir=/etc/openvas/gnupg --lsign-key 0ED1E580
systemctl restart openvas-scanner.service
答案 4 :(得分:-1)
你的命令应该是这样的:
openvas-nasl -Xp gb_iojs_detect_win.nasl #for parsing
openvas-nasl -Xt IP gb_iojs_detect_win.nasl #for exec
请注意其他开关。 有关详细信息,请访问this link