Access to the Greenbone Security Manager primarily occurs through the web interface. To use it properly the following two steps are required:
Creation of a web administrator
This user is used to log into the web interface with administrative rights. This user can use all of the features within the web interface.
Creation of a SSL certificate
The SSL certificate is required to for the encrypted communication via HTTPS and OMP with the GSM. A self-signed certificate can be created or issue a certificate from a certificate authority (see section Certificate by an external certificate authority)
To be able to use the GSM appliance a web administrator must be set up. This user is being referred to as Scan Administrator in some documentation and by some applications.
The set-up of a web admin is only possible through the GOS-Admin-Menu or from command line. Within the GOS-Admin-Menu switch to the User option and select Add Web Admin. Now enter the name and password of the scan administrator.
More than one user with administrative rights can be set up. Configuration of users from the GOS-Admin-Menu is not possible. It is only possible to display existing users or delete them if applicable.
To edit the existing users, or add users with less permissions, use the web-interface.
The GSM appliance basically can use two types of certificates:
The use of self-signed certificates is the easiest way. It poses, however, the lowest security and more work for the user:
Usually, a GSM already carries a individual self-signed certificate. The installation of a certificate signed by an external certificate authority is described in section Certificate by an external certificate authority.
To create a new self-signed certificate chose option SSL in the GOS-Admin-Menu and then select Self-Signed. You will be prompted with a couple of questions. The certificate is build based on the respective answers. The declaration of commonName is not critical as it is not part of the certificate.