Mike I agree that have the Key file on the PC with all the keys is not a good idea. I will look into OpenSSL.
On Thursday, September 19, 2013 9:55:32 AM UTC-5, Michael Starks wrote: > > On 19.09.2013 08:46, Chris Lauritzen wrote: > > James let get this straight, if I have 3500 pc's to push this out to > > I > > need 3500 client.keys files? > > Just to jump in here, let's consider for a moment that the compromise > of one machine would mean the compromise of all keys in your > infrastructure if every key existed on one agent. > > Now, I get what your saying--it shouldn't be this hard. That's why > agent-auth was created, but unfortunately, it doesn't work in Windows > right now. Some effort was recently made to get OpenSSL to compile and > that was successful. OSSEC just needs to be built with it now and then > it will probably work. So if you or someone has the time to step in and > make this work, everyone would benefit. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
