html
During OpenVAS installation on Kali Linux, the admin password setup sometimes fails silently - especially in versions like Greenbone Security Assistant 4.0 with OpenVAS 6. The system continues working but leaves you locked out of the admin account. Here's the complete solution:
The most reliable approach is modifying the PostgreSQL backend:
sudo -u postgres psql openvas
UPDATE users SET password=md5('your_new_password') WHERE name='admin';
\q
After running these commands, restart the services:
sudo service openvas-scanner restart
sudo service openvas-manager restart
If you have CLI access:
sudo openvasmd --user=admin --new-password=your_new_password
Verify the change with:
sudo openvasmd --get-users
When direct password reset fails, create a temporary admin user:
sudo openvasmd --create-user=temporary_admin --role=Admin
sudo openvasmd --user=temporary_admin --new-password=temp_pass123
Then use this account to reset the original admin password through the web interface.
If methods fail, check:
- PostgreSQL service status:
sudo systemctl status postgresql - OpenVAS services:
sudo openvas-check-setup - Firewall rules blocking database access
After regaining access:
- Configure password recovery email
- Create backup admin accounts
- Document passwords in secure storage
During a fresh OpenVAS 6 installation on Kali Linux, you might encounter a situation where the admin password setup fails silently. The system installs successfully, but you're left without admin access - a particularly frustrating scenario when you've verified normal operation through non-admin accounts.
OpenVAS/GSA 4.0 uses a PostgreSQL database for credential storage. The admin user (by default 'admin') credentials are stored in the users table of the gsadb database. When the installation script fails to set this password, it leaves the authentication record in an invalid state.
The most effective solution is to reset the password directly in the database:
sudo -u postgres psql gsadb
UPDATE users SET password=md5('your_new_password'||'c3f1c2f3e3c4d5e6') WHERE name='admin';
\q
This command:
- Accesses the PostgreSQL database as the postgres user
- Updates the admin password using OpenVAS's specific MD5 hashing format (password + salt)
- The salt 'c3f1c2f3e3c4d5e6' is OpenVAS's default for version 6
For those uncomfortable with direct database manipulation, OpenVAS provides a CLI tool:
sudo openvasmd --user=admin --new-password=your_new_password
sudo systemctl restart openvas-manager
sudo systemctl restart greenbone-security-assistant
After resetting, verify access through Greenbone Security Assistant (typically at https://localhost:9392). If issues persist:
# Check service status
sudo systemctl status openvas-manager
sudo systemctl status greenbone-security-assistant
# Review logs
sudo journalctl -u openvas-manager -f
sudo tail -f /var/log/openvas/gsad.log
For clean installations, consider this post-install script that ensures proper admin setup:
#!/bin/bash
# OpenVAS post-install admin setup
ADMIN_PASS=$(openssl rand -base64 16)
sudo openvasmd --create-user=admin --role=Admin
sudo openvasmd --user=admin --new-password="$ADMIN_PASS"
echo "Admin password set to: $ADMIN_PASS" | tee /root/openvas_credentials.txt