You need to configure correct enable password in cisco and script too. (or to password list)
-- Eero 2016-03-28 13:46 GMT+03:00 Yurii Shatylo <yuriishat...@gmail.com>: > Dear Colleagues, > > Some time ago I setup Cisco ASA agentless monitoring. After Brent’s > clarification I found out that I have missed some settings which I > successfully setup. When the settings were implemented I tried to check by > “./agentless/ssh_asa-fwsmconfig_diff user...@192.168.0.1” command but > result was unsuccessful. The first authentication level is OK but when the > script pushed “enable” command I got error: > > > > “*enable* > > *Password:* > > *Invalid password* > > *Password: ERROR: Incorrect enable password to remote host: > ishatylo@192.168.0.1 <ishatylo@192.168.0.1>* “ > > > > I guess it connected with some missing information in the scrip or maybe > else. Could you please help me? > > Thank you in advance. > > KR, Yurii > > 2016-03-26 18:21 GMT+02:00 Yurii Shatylo <yuriishat...@gmail.com>: > >> Hi Brent! >> >> I have provided authentication information follow the document. As the >> result I got: >> >> *Host ishatylo@192.168.1.1 added >> >> After that started ./ssh_asa-fwsmconfig_diff ishatylo@192.168.1.1 but >> got an error: >> >> ERROR: Password list not present (use "register_host" first) >> >> Do you know how to fix it? >> >> Yurii >> >> >> On Thursday, March 17, 2016 at 5:21:35 PM UTC+2, Brent Morris wrote: >> >>> Hi Yurii, >>> >>> Did you use the register_host.sh script as documented >>> http://ossec-docs.readthedocs.org/en/latest/manual/agent/agentless-monitoring.html >>> ? If so, there should be a file called .passlist in the >>> /var/ossec/agentless folder. open that file and ensure the information is >>> correct. >>> >>> You can test your agentless with this method. >>> >>> be sure your current working directory is /var/ossec >>> >>> pwd >>> /var/ossec >>> >>> from there.. >>> >>> ./agentless/ssh_asa-fwsmconfig_diff user...@192.168.0.1 >>> >>> Check the output and see where the trouble is. >>> >>> Hope this helps!!! >>> >>> -Brent >>> >>> >>> >>> >>> >>> On Wednesday, March 16, 2016 at 8:24:29 AM UTC-7, Yurii Shatylo wrote: >>>> >>>> Dear Colleagues, >>>> >>>> Could you give me a hand with my issue? >>>> I've put credentials to the *ssh_asa-fwsmconfig_diff *and as the >>>> result I've got (2016/03/16 11:29:13 ossec-agentlessd: INFO: Test passed >>>> for 'ssh_asa-fwsmconfig_diff). After that I deleted ACL on the cisco asa >>>> but nothing happened. It seems like script which produces difference is not >>>> working. >>>> *There is my general config file:* >>>> >>>> <agentless> >>>> <type>ssh_asa-fwsmconfig_diff</type> >>>> <frequency>300</frequency> >>>> <host>user...@192.168.0.1</host> >>>> <state>periodic_diff</state> >>>> </agentless> >>>> >>>> *Thank you in advance.* >>>> *Yurii* >>>> >>> -- >> >> --- >> You received this message because you are subscribed to a topic in the >> Google Groups "ossec-list" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/ossec-list/FXo7fizdOII/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> ossec-list+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > С уважением, > Юрий > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
