}

How to Install Nessus on Ubuntu 22.04 / 24.04 (2026 Guide)

Last updated: 6 min read

Last updated: March 2026

How to Install Nessus on Ubuntu 22.04 / 24.04 (2026 Guide)

To install Nessus on Ubuntu, download the .deb package from tenable.com, run sudo dpkg -i Nessus-*.deb, start the service with sudo systemctl start nessusd, then open https://localhost:8834 to complete setup. Nessus Essentials is free for up to 16 IPs and requires an activation code from Tenable.

Note: Nessus is not available in the Ubuntu or Kali Linux repositories. It must be downloaded directly from Tenable's website.

Prerequisites

  • Ubuntu 22.04 LTS (Jammy) or Ubuntu 24.04 LTS (Noble) — 64-bit
  • At least 4 GB RAM (8 GB recommended for larger scans)
  • At least 30 GB disk space
  • Internet access for initial plugin download (~1 GB)
  • A free Tenable account for the activation code

Step 1: Download the Nessus .deb Package

Visit the official Tenable download page at https://www.tenable.com/downloads/nessus in a web browser.

  1. Select Nessus from the product list
  2. Choose the version for Ubuntu (.deb format)
  3. Select the correct architecture: Linux - Ubuntu - amd64 for most systems
  4. Click Download — you will need to accept the license agreement

Alternatively, use the Tenable API to download directly from the terminal. First, find the current filename from the download page, then:

# Download example (replace filename with current version from tenable.com)
curl -o Nessus.deb "https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/XXXX/download?i_agree_to_tenable_license_agreement=true"

Verify the download:

ls -lh Nessus*.deb
# Example: -rw-r--r-- 1 user user 45M Mar 26 10:00 Nessus-10.7.4-ubuntu1404_amd64.deb

Step 2: Install the .deb Package

Use dpkg to install the downloaded package:

sudo dpkg -i Nessus-10.7.4-ubuntu1404_amd64.deb

Expected output:

Selecting previously unselected package nessus.
(Reading database ... 312847 files and directories currently installed.)
Preparing to unpack Nessus-10.7.4-ubuntu1404_amd64.deb ...
Unpacking nessus (10.7.4) ...
Setting up nessus (10.7.4) ...
Unpacking Nessus Scanner Core Components...
 - You can start Nessus Scanner by typing /bin/systemctl start nessusd.service
 - Then go to https://localhost:8834/ to configure your scanner

If dpkg reports missing dependencies, fix them:

sudo apt --fix-broken install

Step 3: Start the Nessus Service

Enable and start the Nessus daemon:

sudo systemctl enable nessusd
sudo systemctl start nessusd

Verify the service is running:

sudo systemctl status nessusd

Expected output:

● nessusd.service - Tenable Nessus
     Loaded: loaded (/lib/systemd/system/nessusd.service; enabled)
     Active: active (running) since Thu 2026-03-26 10:01:00 UTC; 5s ago
   Main PID: 12345 (nessus-service)

Check that port 8834 is listening:

sudo netstat -tlnp | grep 8834
# or
sudo ss -tlnp | grep 8834

Step 4: Initial Setup in the Web Interface

Open a browser and navigate to:

https://localhost:8834

Because Nessus uses a self-signed TLS certificate, your browser will display a security warning. Click AdvancedAccept the Risk and Continue (Firefox) or AdvancedProceed to localhost (Chrome).

Welcome Screen: Choose Nessus Product

You will see several product options:

  • Nessus Essentials — Free, up to 16 IP addresses. Best for home labs, students, and individuals.
  • Nessus Professional — Paid, unlimited IPs. For professional penetration testers and security teams.
  • Nessus Expert — Paid, adds cloud scanning and developer security features.

For most users following this guide, select Nessus Essentials and click Continue.

Get an Activation Code

If you do not have an activation code:

  1. Click Get an activation code on the setup page (or visit https://www.tenable.com/products/nessus/nessus-essentials)
  2. Register with a free Tenable account (email + name)
  3. Tenable will email your activation code within a few minutes

Enter the activation code in the setup form and click Continue.

Create an Admin Account

Create your Nessus administrator account:

  • Username: Choose a username (e.g., admin)
  • Password: Use a strong password — at least 12 characters

Click Submit.

Step 5: Wait for Plugin Compilation

After account creation, Nessus downloads and compiles its plugin library (~1 GB). This takes 10–30 minutes depending on your internet connection and CPU speed.

You will see a progress indicator: Initializing Nessus... and Compiling plugins...

Do not close the browser or restart the service during this step. Nessus is usable only after compilation completes.

Monitor progress from the terminal:

# Watch Nessus log during initialization
sudo tail -f /opt/nessus/var/nessus/logs/nessusd.messages

Step 6: Run Your First Scan

Once setup is complete, you land on the Nessus dashboard.

Create a Basic Network Scan

  1. Click New Scan in the top right
  2. Select Basic Network Scan
  3. Configure:
  4. Name: e.g., "Lab Network Scan"
  5. Targets: Enter IP addresses or ranges (e.g., 192.168.1.0/24 or 192.168.1.1-50)
  6. Click Save
  7. Click the Play button next to the scan to start it

View Results

When the scan completes (a green checkmark appears), click on it to see findings organized by: - Critical / High / Medium / Low / Info severity - Affected hosts - CVE references and remediation guidance

Nessuscli: Command-Line Management

The nessuscli utility at /opt/nessus/sbin/nessuscli allows command-line management of your Nessus installation.

# List users
sudo /opt/nessus/sbin/nessuscli lsuser

# Reset admin password (if locked out)
sudo /opt/nessus/sbin/nessuscli chpasswd admin

# Update plugins manually
sudo /opt/nessus/sbin/nessuscli update --all

For a complete guide to password reset and nessuscli commands, see How to Reset Nessus Password via CLI.

Upgrade Considerations

Nessus Essentials Limitations

The free Essentials tier limits you to 16 unique IP addresses per scan cycle. If you need to scan larger networks:

  • Nessus Professional: ~$3,990/year, unlimited IPs, advanced features
  • Nessus Expert: ~$5,990/year, adds developer security and cloud scanning

Updating Nessus

To update to a newer version:

# Download the new .deb from tenable.com
# Stop the service
sudo systemctl stop nessusd

# Install the new package (overwrites existing)
sudo dpkg -i Nessus-NEW-VERSION-ubuntu1404_amd64.deb

# Start the service
sudo systemctl start nessusd

Your scans, policies, and credentials are preserved during upgrades.

Updating Plugins Only

sudo /opt/nessus/sbin/nessuscli update --all
sudo systemctl restart nessusd

Troubleshooting

Cannot Connect to https://localhost:8834

# Check service status
sudo systemctl status nessusd

# Start if stopped
sudo systemctl start nessusd

# Check port
sudo ss -tlnp | grep 8834

Slow Plugin Compilation

Plugin compilation is CPU-intensive. On a VM or older machine it can take 30-60 minutes. Let it complete — do not restart.

"This Nessus installation is password-protected" Error

This appears when the Nessus database is corrupted or the admin account was deleted. See How to Reset Nessus Password for recovery steps.

dpkg Dependency Errors

sudo apt --fix-broken install
sudo dpkg -i Nessus-*.deb

FAQ

Q: Is Nessus Essentials really free? A: Yes. Nessus Essentials is permanently free for up to 16 IP addresses. It includes the full Nessus plugin library and basic scan types. No credit card is required — only a Tenable account registration for the activation code.

Q: Can I install Nessus on Kali Linux instead of Ubuntu? A: Yes. Kali Linux is Debian-based, so the Ubuntu .deb package installs correctly. Use the Ubuntu download and follow the same steps. The nessusd service management is identical.

Q: How do I uninstall Nessus? A: Run sudo dpkg -r nessus to remove the package. Configuration files remain in /opt/nessus/. To remove those as well, run sudo rm -rf /opt/nessus.

Related Articles