Nessus installation on Ubuntu

Nessus is one of the best vulnerability scanners out there and works on all major platforms. If you care about the security of the network then you should take a proactive mindset to defend from possible attacks. This is a guide on how to install Nessus the client and server on Ubuntu Linux, no explanation on how to use Nessus is given (sorry). The steps are similar for other Linux distributions (adapt), the major difference is that in this tutorial I use apt-get to install Nessus.

Nessus installation

Start by installing Nessus client and server which are required to have a functional Nessus installation. Do not worry about creating certificates the installation automatically takes care of that.

sudo apt-get install nessusd nessus nessus-plugins

New user configuration

That was easy!. Before we can start using Nessus its required that you create a new user for Nessus.

sudo nessus-adduser

In a multi-user environment you might want to add some restrictions on what the users can do. In this occasion I do not want any restrictions on what Nessus can do.

Provide a username and password.

Add a new nessusd user

Login : (my_nessus_username)
Authentication (pass/cert) [pass] : (press_enter_to_use_a_password)
Login password : (provide_a_password_for_the_username)
Login password (again) : (confirm_the_password)

I recommend you do not place any restrictions on what the new Nessus user can do, hit Ctrl + D. Then you will be asked to confirm the given user information by pressing y.

User rules
nessusd has a rules system which allows you to restrict the hosts
that user_name has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser(8) man page for the rules syntax

Enter the rules for this user, and hit ctrl-D once you are done :
(the user can have an empty rules set)

Login             : my_nessus_username
Password          : ***********
DN                :
Rules             :

Is that ok ? (y/n) [y] y
user added.

Now Nessus has a user to work with, lets start Nessus.

sudo /etc/init.d/nessusd start

Nessus registration

Nessus works without registration, but it is highly recommended that you register the installation with Tenable Network Security to keep the Nessus plugins up-to-date. The vulnerabilities plugins on a unregistered installation may become obsolete, which will lead you to think there are no vulnerabilities on the network.

Visit the following link to read and accept the Tenable Network Security agreement and provide them with an email address where they can send you a registration key for the Nessus installation. We will use the key in a moment.

Tenable Network Security (Nessus) registration page

Copy the registration key. In the email you are given instruction on how to use the registration key. However the path given on the instructions will not work on Debian based distributions like Ubuntu, we just need to make a small change on the path. Instead of the orignal path /opt/nessus/bin/nessus-fetch use the correct path /usr/bin/nessus-fetch. Replace xxxx with the registration key.

sudo /usr/bin/nessus-fetch --register xxxx-xxxx-xxxx-xxxx-xxxx

xxxx-xxxx-xxxx-xxxx-xxxx – is the 20 character registration key.

And this is how the actual registration looks like.

user@desktop:~$ sudo /usr/bin/nessus-fetch --register 2BH5-SF95-L1IA-8E17-CR5C
Your activation code has been registered properly - thank you.
Now fetching the newest plugin set from
W: Cannot find a running instance of Nessus, did not find /var/run/
Your Nessus installation is now up-to-date.
Make sure to call regularly use the command 'nessus-update-plugins' to stay up-to-date
To automate the update process, please visit 

Update Nessus Plugins

sudo nessus-update-plugins

You can launch Nessus from Applications > Internet > Nessus.

Nessus is useful for automatic network vulnerability identification, but will not replace a careful administrator in the first place.


  • Chester911cross

    “chance@chance-laptop:~$ sudo nessus-adduser
    sudo: nessus-adduser: command not found”

    what am I doing wrong here

    I have done the install

    chance@chance-laptop:~$ sudo apt-get install nessus nessusd
    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    nessus is already the newest version.
    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:

    The following packages have unmet dependencies:
    nessus: Conflicts: nessusd (< 3.0) but 2.2.10-3 is to be installed
    E: Broken packages
    chance@chance-laptop:~$ sudo nessus-adduser
    sudo: nessus-adduser: command not found

  • dataninja

    It may sound silly but have you tried updating and upgrading the system apt-get update, apt-get upgrade. Then I recommend you open Synaptic Package Manager and look for the Nessus packages and remove them from your system, then try to reinstall them using Synaptic.

    Thats a weird error you are getting, it seems like the packages you downloaded were bad. Good luck and post again if the results change.

  • digi

    Worked good for me.
    I think i may have had a previous install.. . and once the install was all done i loaded it from the application menu, but none of the plugins were loaded…. so I executed ‘sudo nessusd’ in the command line and it is currently populating the plugin list.. hopefully it all works in the end.
    Thanks for the tutorial!

  • digi

    yep worked (installed in ubuntu)… apparently my windows box needs some updating…

    • dataninja

      Good to hear it worked!

  • The latest version of the open source is an excellent alternative to the now commercial Nessus.

    The latest Nessus is free for non-commercial use but has an IP scan limit of about 15.

  • ian bristow

    When i run sudo apt-get install nessusd nessus nessus-plugins

    I get the following error

    package nesses is not available, but it is referred to by another package
    this may mean that the package is missing, been obsoleted or is only available from another source.
    However the following package replaces it openvas-client
    E:unable to locate package nessusd
    E:Package nessus has no installation cadidate
    E: unable to locate package nessus-plugins

    Im running ubuntu 10.10 ,
    I tried changing the package name to openvas-client and that did not work either

    Any one have any suggestions /help?


  • thony

    when i start nessus daemon i getting error….iam using ubuntu 10.10 and erroe like this…..
    Starting Nessus daemon: [3789](/var/lib/nessus/plugins/ssl_resume.nasl) Too many args for function ‘exit’ [0N+2U > 1N+0U]
    [3789]() Including which is not authenticated – losing our authenticated status
    nessus-libraries/libnessus/store.c: /var/lib/nessus/plugins/rocketsoftware_universe_unidata_code_exec.nasl has a too long required ports (71)
    rocketsoftware_universe_unidata_code_exec.nasl failed to load
    [3789](/var/lib/nessus/plugins/mozilla_firefox_369.nasl) Too many args for function ‘exit’ [0N+2U > 1N+0U]
    how to solve this…..