Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   14857 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

OpenVAS-ADDUSER(8)		 User Manuals		    OpenVAS-ADDUSER(8)

NAME
       openvas-adduser - add a user in the openvassd userbase

SYNOPSIS
       openvas-adduser

DESCRIPTION
       The  OpenVAS  Security  Scanner comes with its own user base which con‐
       tains the list of who can use  the  services  of	 openvassd,  and  what
       restriction (or rules) each user has.

       openvas-adduser	is a simple program which will add a user to the open‐
       vassd userbase.

       The program is straightforward and asks for the following items:

       · Login
	      the login name of the openvassd user to add

       · Password
	      the password that the user will use to connect to openvassd

       · Rules
	      the set of rules to apply to the user. See below.

RULES
       Each user has his own set of rules. Rules  are  here  to	 restrict  the
       rights  of  the	users. For instance, you can add user “joe” so that he
       can only test the host “192.168.1.1”, whereas you can add user “bob” so
       that he can test whatever IP address he wishes.

       Each  rule  fits	 on  one  line. A user can have an unlimited amount of
       rules (and can even have no rule at all).

       The syntax is:
	      accept|deny ip/mask
       and
	      default accept|deny

       Where mask is the CIDR netmask of the rule.

       The default statement must be the last rule and defines the  policy  of
       the user.

       The  following  rule  set  will	allow the user to test 192.168.1.0/24,
       192.168.3.0/24 and 172.22.0.0/16, but nothing else:
	      accept 192.168.1.0/24
	      accept 192.168.3.0/24
	      accept 172.22.0.0/16
	      default deny

       The following rule set will allow the user to test whatever  he	wants,
       except the network 192.168.1.0/24:
	      deny 192.168.1.0/24
	      default accept

       The  keyword client_ip has been defined, and is replaced at run time by
       the IP address of the openvassd user. For instance, if  you  want  your
       users  to  be  able  to only be able to scan the system they come from,
       then you want them to have the following ruleset:
	      accept client_ip
	      default deny

SEE ALSO
       openvas-rmuser(8), openvassd(8)

MORE INFORMATION ABOUT THE OpenVAS PROJECT
       The canonical places where you will find	 more  information  about  the
       OpenVAS project are:
	      http://www.openvas.org/ ⟨⟩ (Official site)

AUTHOR
       openvas-adduser	 was   quickly	written	 by  Renaud  Deraison  <derai‐
       son@cvs.nessus.org>

BUGS
       openvas-adduser creates temporary files in $TMPDIR/.  If this  variable
       is  not	set,  then  it	will use /var/tmp which may be a security risk
       depending of your configuration.

       If you set your TMPDIR variable to /tmp, then you are in trouble.

The OpenVAS Project		   May 2009		    OpenVAS-ADDUSER(8)

Vote for polarhome