How To Install OpenSCAP on Ubuntu 22.04 LTS

In this tutorial, we will show you how to install OpenSCAP on Ubuntu 22.04 LTS. For those of you who didn’t know, OpenSCAP is the best tool for performing security audits and provides a great way to check systems vulnerability. It also integrates with other specifications like CPE, CCE, and OVAL to produce a SCAP-expressed checklist that can be processed by SCAP-validated products.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the OpenSCAP security audits on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

Prerequisites

• A server running one of the following operating systems: Ubuntu 22.04, 20.04, and any other Debian-based distribution like Linux Mint.
• It’s recommended that you use a fresh OS install to prevent any potential issues.
• SSH access to the server (or just open Terminal if you’re on a desktop).
• A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install OpenSCAP on Ubuntu 22.04 LTS Jammy Jellyfish

Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.

sudo apt update
sudo apt upgrade
sudo apt install wget apt-transport-https gnupg2 software-properties-common

Step 2. Installing OpenSCAP on Ubuntu 22.04.

By default, OpenSCAP is available on Ubuntu 22.04 base repository. Now install the latest version of OpenSCAP to your Ubuntu system using the following command:

sudo apt install libopenscap8

Verify version OpenSCAP is installed using the following command:

oscap --version

Step 3. Installing Oval (Open Vulnerability and Assessment Language).

Now run the following command to download Oval from the official page using the command below:

wget https://people.canonical.com/~ubuntu-security/oval/com.ubuntu.xenial.cve.oval.xml

Next, run a system audit using the following command:

oscap oval eval --results /tmp/oscap_results.xml --report /tmp/oscap_report.html com.ubuntu.xenial.cve.oval.xml

After that, copy the generated HTML report to /var/www/html directory using the command below:

sudo cp /tmp/oscap_report.html /var/www/html

Step 4. Accessing OpenSCAP Web Interface.

Once successfully configure OpenSCAP and Oval, now we open your web browser and type the URL http://your-IP-address/oscap_report.html to view your system audit results. You will be redirected to the following page:

Congratulations! You have successfully installed OpenSCAP. Thanks for using this tutorial for installing OpenSCAP security audits on Ubuntu 22.04 LTS Jammy Jellyfish system. For additional help or useful information, we recommend you check the official OpenSCAP website.