TOC & Recently Viewed

Recently Viewed Topics

Install a Nessus Agent on Linux

Retrieve Agent Linking Key from within Nessus

  1. Log in to Nessus.
  2. Select the button.
  3. On the Scanners / Agents / Linked page, select Agent > Linked and read the on-screen message.
    Agents can be linked to this manager using the provided key with the following setup instructions. Once linked, they must be added to a group for use when configuring scans.

    Also, linked agents will automatically download plugins from the manager upon connection. Please note, this process can take several minutes and is required before an agent will return scan results.

  4. Select the setup instructions link.

    The Agent Setup Instructions window appears.

  5. Record the host, port, and key values. These values will be used during the installation of the Nessus Agent.
  6. Select the Close button.

Download the Nessus Agent

From the Nessus Agents Download Page, download the Nessus Agent specific to your operating system.

Example Nessus Agent Package Names

Note: The following steps require root privileges.

Install Nessus Agent

Using the command line interface, install the Nessus Agent.

Note: After installing a Nessus Agent, you must manually start the service using the command /sbin/service nessusagent start.

Example Linux Install Commands

Link Agent to Nessus Manager

During this step, you will need the Agent Key values obtained from the Nessus UI:

Agent Key Values

Required Values

  • Key
  • Host
  • Port

Optional Values

  • Name (A name for your Agent)
  • Groups (Existing Agent Group(s) that you want your Agent to be a member of)

    If you do not specify an Agent Group during the install process, you can later add your linked Agent to an Agent Group within the Nessus UI.

At the command prompt, use the following command as an example to construct the nessuscli agent link string.

/opt/nessus_agent/sbin/nessuscli agent link

--key=00abcd00000efgh11111i0k222lmopq3333st4455u66v777777w88xy9999zabc00

--name=MyOSXAgent --groups="All" --host=yourcompany.com --port=8834

Note: If you attempt to clone an Agent and link it to Nessus Manager, a 409 error may appear. This is because another machine has been linked with the same uuid value in the /etc/machine_id or /etc/tenable_tag file. To resolve this issue, replace the value in the /etc/tenable_tag file with a valid UUIDv4 value. If the /etc/machine_id file does not exist, you can delete /etc/tenable_tag to generate a new value.

Verify Linked Agent.

  1. In Nessus, select the button.
  2. View Agents on the Scanners / Agents / Linked page.

    Note: If information provided in your command string is incorrect, a Failed to link agent error will be displayed.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.