On Tue, Jul 22, 2014 at 9:23 AM, theresa mic-snare <rockprinz...@gmail.com> wrote: > Hi dan, > > thanks for your speedy reply. > > Hmm, the keys and even the .ssh directory belong to user and group ossec: > -rw-------. 1 ossec ossec 1675 22. Jul 09:17 id_rsa > -rw-r--r--. 1 ossec ossec 407 22. Jul 09:17 id_rsa.pub > > I create the keys like this: > > sudo -u ossec ssh-keygen >
Verify the .passlist looks something like: os...@example.net|NOPASS| Check that your configuration has <host>os...@example.net</host>, not just example.net. What happens if you try running the commands manually? cd /var/ossec expect agentless/ssh_integrity_check_linux os...@example.net /etc > thanks, > theresa > > > Am Dienstag, 22. Juli 2014 15:16:08 UTC+2 schrieb dan (ddpbsd): >> >> On Tue, Jul 22, 2014 at 9:03 AM, theresa mic-snare >> <rockpr...@gmail.com> wrote: >> > hi there, >> > >> > i have a similar problem with adding an agentless host. >> > >> > in the ossec.log i found the following entry: >> > 2014/07/22 14:43:43 ossec-agentlessd: ERROR: ssh_integrity_check_linux: >> > os...@example.net: Password for 'os...@example.net' not found. >> > 2014/07/22 14:43:44 ossec-agentlessd: ERROR: ssh_generic_diff: >> > os...@example.net: Password for 'os...@example.net' not found. >> > >> > I added the host by: >> > /var/ossec/agentless/register_host.sh add os...@example.net NOPASS >> > >> > I then SCP'd the public key to the remote host >> > scp id_rsa.pub os...@example.net:/home/ossec/.ssh/authorized_keys2 >> > >> >> Does the OSSEC manager have access to the keys in order to connect? >> >> > i can even ssh to this very machine with the key mentioned above without >> > any >> > problems. >> > >> > *Available hosts: >> > os...@example.net >> > >> > Is there even a way to unregister a host? >> > if so, how? >> > >> >> Delete it from /var/ossec/agentless/.passlist I think. >> >> > thanks and looking forward to hearing from you, >> > theresa >> > >> > Am Dienstag, 21. April 2009 19:38:09 UTC+2 schrieb emcpa07: >> >> >> >> Hello, >> >> I'm trying to use the agentless functionality on my OpenSuse 11.1 box >> >> and I'm receiving a timeout when ssh'ng to my host which is running >> >> Fedora10. I'm using the ssh_integrity_check_linux and ssh_generic_diff >> >> and both have passed the agentless test. I've tried using all >> >> connection methods listed, NOPASS, with PASS etc... However, I can ssh >> >> to my host using the "accounts/boxes" created using the supplied >> >> command/script: /var/ossec/agentless/register_host.sh add ro...@xx.net >> >> mypass1 and /var/ossec/agentless/register_host.sh add ro...@xx.net >> >> NOPASS >> >> >> >> any help would be appreciated. >> >> >> >> Thanks, >> >> Ron >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> > Groups >> > "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> > an >> > email to ossec-list+...@googlegroups.com. >> > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
