Trying to debug with expect I got: *expect -d agentless/ssh_integrity_check_linux u...@server.com /directory/to/check* *expect version 5.45* *argv[0] = expect argv[1] = -d argv[2] = agentless/ssh_integrity_check_linux argv[3] = u...@server.com argv[4] = /directory/to/check* *set argc 2* *set argv0 "agentless/ssh_integrity_check_linux"* *set argv "u...@server.com /directory/to/check"* *executing commands from command file agentless/ssh_integrity_check_linux* *spawn ssh u...@server.com* *parent: waiting for sync byte* *parent: telling child to go ahead* *parent: now unsynchronized from child* *spawn: returns {456}*
*expect: does "" (spawn_id exp4) match glob pattern "WARNING: REMOTE HOST"? no* *"*sure you want to continue connecting*"? no* *"ssh: connect to host*"? no* *"no address associated with name"? no* *"*Connection refused*"? no* *"*Connection closed by remote host*"? no* *"* password:*"? no* *user@server ~ $* *expect: does "\u001b[01;31malk2\u001b[01;33m@\u001b[01;36malk2 \u001b[01;33m~ \u001b[01;35m$ \u001b[00m" (spawn_id exp4) match glob pattern "WARNING: REMOTE HOST"? no* *"*sure you want to continue connecting*"? no* *"ssh: connect to host*"? no* *"no address associated with name"? no* *"*Connection refused*"? no* *"*Connection closed by remote host*"? no* *"* password:*"? no* *expect: timed out* I don't have access to auth.log on remote server, it's shared hosting which is why I am trying to implement agentless monitoring there. I am able to manually log in with user ossec and keyfile to that server without problems. Regards On Tuesday, 21 March 2017 13:59:57 UTC+1, Kat wrote: > > Hi, > > Could you post the log entries? Also, an ssh -vvv output would help to see > what is going on. It is clearly a connection problem, but hard to diagnose > based on what you have posted. > > Kat > > On Friday, March 17, 2017 at 10:20:58 PM UTC-5, Marcin Gołębiowski wrote: >> >> I can't seem to make the agentless monitoring to work. I added two remote >> boxes with /var/ossec/agentless/register_host.sh and configured >> paswordless connection generating ssh keys for user ossec. However after >> restarting ossec the connection to remote server fails every time. >> Ossec.log shows: ossec-agentlessd: ERROR: ssh_integrity_check_linux: >> us...@remote.server.pl: Public key authentication failed to host: >> us...@remote.server.pl. I tried to connect wit a password but this time >> I got timeout: ERROR: ssh_integrity_check_linux: u...@remote.server.pl: >> Timeout while connecting to host: us...@remote.server.pl. I checked >> .passlist file and passwords are correct. What is more - I am able to ssh >> to remote server using id_rsa generated for ossec user so theoretically >> ossec should connect with NOPASS option. But it doesn't. I am in the dark. >> Server is Ubuntu Server 16.04, OSSEC verson 2.8.3, expect installed, >> firewall disabled. Any ideas? >> > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.