openvas-adduser - add a user in the openvasd userbase
OpenVAS Security Scanner
comes with its own user base which contains the list of who can
use the services of
and what restriction (or
each user has.
is a simple program which will add a user to the
The program is straightforward and asks for the following items:
the login name of the
user to add
the password that the user will use to connect to
the set of rules to apply to the user. See below.
Each user has his own set of rules. Rules are here to restrict
the rights of the users. For instance, you can add user ``joe'' so
that he can only test the host ``192.168.1.1'', whereas you can
add user ``bob'' so that he can test whatever IP address he wishes.
Each rule fits on one line. A user can have an unlimited amount of
rules (and can even have no rule at all).
The syntax is:
is the CIDR netmask of the rule.
statement must be the last rule and defines the policy of the user.
The following rule set will allow the user to test 192.168.1.0/24,
192.168.3.0/24 and 172.22.0.0/16, but nothing else:
The following rule set will allow the user to test whatever he wants,
except the network 192.168.1.0/24:
has been defined, and is replaced at run time by the IP address
user. For instance, if you want your users to be able
to only be able to scan the system they come from, then you want
them to have the following ruleset: