Re: [ossec-list] timeout - ossec-agentlessd: ERROR: ssh_generic_diff: ossec

2017-03-16 Thread dan (ddp) 
On Thu, Mar 16, 2017 at 6:44 AM, Eduardo Reichert Figueiredo
 wrote:
> Hi Dan, i have success when run this command below.
>
> # su  ossec -s /bin/bash -c 'cd /var/ossec && expect
> agentless/ssh_generic_diff user_ossec@SERVIDOR-01 ls -lah'
> Connection to SERVIDOR-01 closed.
> INFO: Finished.
>
> this log error in first post is only "expect" don't run this command?
>

If it works when you run it manually, but not automatically, I'm out of ideas.
I was hoping it was just output that expect didn't expect, that's
usually what the timeout problems are.

I don't use agentless much, especially for systems I can install an agent to.

>
>
> Em quarta-feira, 15 de março de 2017 16:21:03 UTC-3, dan (ddpbsd) escreveu:
>>
>> On Mon, Mar 13, 2017 at 9:59 AM, Eduardo Reichert Figueiredo
>>  wrote:
>> > Dear all,
>> > i have the ERROR below in my ossec server, and not generated alerts from
>> > Linux (agentless) in ossec.
>> > I search more error similars in this foruns but i dont founded solution.
>> >
>> > Can you help me?
>> >
>> > 2017/03/13 10:42:35 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01
>> > ~]$
>> > 2017/03/13 10:42:35 ossec-agentlessd: ERROR: ssh_generic_diff:
>> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
>> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: spawn ssh
>> > ossec@SERVIDOR-01
>> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar
>> > 13
>> > 10:42:15 2017 from 192.168.140.84
>> > 2017/03/13 10:52:21 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01
>> > ~]$
>> > 2017/03/13 10:52:21 ossec-agentlessd: ERROR: ssh_integrity_check_linux:
>> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
>> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: spawn ssh
>> > ossec@SERVIDOR-01
>> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar
>> > 13
>> > 10:52:01 2017 from 192.168.140.84
>> > 2017/03/13 10:52:42 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01
>> > ~]$
>> > 2017/03/13 10:52:42 ossec-agentlessd: ERROR: ssh_generic_diff:
>> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
>> >
>>
>> Try running the script maually:
>> `cd /var/ossec && expect agentless/ssh_generic_diff AGENTLESSINFO ARGS`
>>
>> Replace AGENTLESSINFO with the  information from your
>> ossec.conf, and ARGS with the  info.
>>
>> >
>> > Kind regards
>> >
>> > --
>> >
>> > ---
>> > You received this message because you are subscribed to the Google
>> > Groups
>> > "ossec-list" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> > an
>> > email to ossec-list+...@googlegroups.com.
>> > For more options, visit https://groups.google.com/d/optout.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] timeout - ossec-agentlessd: ERROR: ssh_generic_diff: ossec

2017-03-16 Thread Eduardo Reichert Figueiredo 
Hi Dan, i have success when run this command below.

# su  ossec -s /bin/bash -c 'cd /var/ossec && expect 
 agentless/ssh_generic_diff user_ossec@SERVIDOR-01 ls -lah'
Connection to SERVIDOR-01 closed.
INFO: Finished.

this log error in first post is only "expect" don't run this command?



Em quarta-feira, 15 de março de 2017 16:21:03 UTC-3, dan (ddpbsd) escreveu:
>
> On Mon, Mar 13, 2017 at 9:59 AM, Eduardo Reichert Figueiredo 
>  wrote: 
> > Dear all, 
> > i have the ERROR below in my ossec server, and not generated alerts from 
> > Linux (agentless) in ossec. 
> > I search more error similars in this foruns but i dont founded solution. 
> > 
> > Can you help me? 
> > 
> > 2017/03/13 10:42:35 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:42:35 ossec-agentlessd: ERROR: ssh_generic_diff: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: spawn ssh 
> > ossec@SERVIDOR-01 
> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 
> 13 
> > 10:42:15 2017 from 192.168.140.84 
> > 2017/03/13 10:52:21 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:52:21 ossec-agentlessd: ERROR: ssh_integrity_check_linux: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: spawn ssh 
> > ossec@SERVIDOR-01 
> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 
> 13 
> > 10:52:01 2017 from 192.168.140.84 
> > 2017/03/13 10:52:42 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:52:42 ossec-agentlessd: ERROR: ssh_generic_diff: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 
>
> Try running the script maually: 
> `cd /var/ossec && expect agentless/ssh_generic_diff AGENTLESSINFO ARGS` 
>
> Replace AGENTLESSINFO with the  information from your 
> ossec.conf, and ARGS with the  info. 
>
> > 
> > Kind regards 
> > 
> > -- 
> > 
> > --- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "ossec-list" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to ossec-list+...@googlegroups.com . 
> > For more options, visit https://groups.google.com/d/optout. 
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] timeout - ossec-agentlessd: ERROR: ssh_generic_diff: ossec

2017-03-16 Thread Eduardo Reichert Figueiredo 
Hello Dan,
i try connect in my agentless, but i dont have success..

#su -s ossec -s /bin/bash -c 'cd /var/ossec && expect 
agentless/ssh_generic_diff user_ossec@SERVIDOR-01 ls -lt'
spawn ssh user_ossec@SERVIDOR-01
user_ossec@SERVIDOR-01's password:
ERROR: Public key authentication failed to host: user_ossec@SERVIDOR-01

but if i try connect in my agentless with command below, i have succes and 
access with key is functional
su - ossec -s /bin/bash -c 'ssh user_ossec@SERVIDOR-01 ls -lt'

You know this problem? Can be my spawn or expect?

Em quarta-feira, 15 de março de 2017 16:21:03 UTC-3, dan (ddpbsd) escreveu:
>
> On Mon, Mar 13, 2017 at 9:59 AM, Eduardo Reichert Figueiredo 
>  wrote: 
> > Dear all, 
> > i have the ERROR below in my ossec server, and not generated alerts from 
> > Linux (agentless) in ossec. 
> > I search more error similars in this foruns but i dont founded solution. 
> > 
> > Can you help me? 
> > 
> > 2017/03/13 10:42:35 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:42:35 ossec-agentlessd: ERROR: ssh_generic_diff: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: spawn ssh 
> > ossec@SERVIDOR-01 
> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 
> 13 
> > 10:42:15 2017 from 192.168.140.84 
> > 2017/03/13 10:52:21 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:52:21 ossec-agentlessd: ERROR: ssh_integrity_check_linux: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: spawn ssh 
> > ossec@SERVIDOR-01 
> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 
> 13 
> > 10:52:01 2017 from 192.168.140.84 
> > 2017/03/13 10:52:42 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:52:42 ossec-agentlessd: ERROR: ssh_generic_diff: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 
>
> Try running the script maually: 
> `cd /var/ossec && expect agentless/ssh_generic_diff AGENTLESSINFO ARGS` 
>
> Replace AGENTLESSINFO with the  information from your 
> ossec.conf, and ARGS with the  info. 
>
> > 
> > Kind regards 
> > 
> > -- 
> > 
> > --- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "ossec-list" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to ossec-list+...@googlegroups.com . 
> > For more options, visit https://groups.google.com/d/optout. 
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] timeout - ossec-agentlessd: ERROR: ssh_generic_diff: ossec

2017-03-16 Thread Eduardo Reichert Figueiredo 
Hello Dan,
i try connect in my agentless, but i dont have success..

#su -s ossec -s /bin/bash -c 'cd /var/ossec && expect 
agentless/ssh_generic_diff user_ossec@SERVIDOR-01 ls -lt'
spawn ssh user_ossec@SERVIDOR-01
user_ossec@SERVIDOR-01's password:
ERROR: Public key authentication failed to host: user_ossec@SERVIDOR-01

but if i try connect in my agentless with command below, i have success and 
access with key is functional
su - ossec -s /bin/bash -c 'ssh svc_ossec@gn09 ls -lt'

You know this problem? Can be my spawn or expect?

Em quarta-feira, 15 de março de 2017 16:21:03 UTC-3, dan (ddpbsd) escreveu:
>
> On Mon, Mar 13, 2017 at 9:59 AM, Eduardo Reichert Figueiredo 
>  wrote: 
> > Dear all, 
> > i have the ERROR below in my ossec server, and not generated alerts from 
> > Linux (agentless) in ossec. 
> > I search more error similars in this foruns but i dont founded solution. 
> > 
> > Can you help me? 
> > 
> > 2017/03/13 10:42:35 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:42:35 ossec-agentlessd: ERROR: ssh_generic_diff: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: spawn ssh 
> > ossec@SERVIDOR-01 
> > 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 
> 13 
> > 10:42:15 2017 from 192.168.140.84 
> > 2017/03/13 10:52:21 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:52:21 ossec-agentlessd: ERROR: ssh_integrity_check_linux: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: spawn ssh 
> > ossec@SERVIDOR-01 
> > 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 
> 13 
> > 10:52:01 2017 from 192.168.140.84 
> > 2017/03/13 10:52:42 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 
> ~]$ 
> > 2017/03/13 10:52:42 ossec-agentlessd: ERROR: ssh_generic_diff: 
> > ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 . 
> > 
>
> Try running the script maually: 
> `cd /var/ossec && expect agentless/ssh_generic_diff AGENTLESSINFO ARGS` 
>
> Replace AGENTLESSINFO with the  information from your 
> ossec.conf, and ARGS with the  info. 
>
> > 
> > Kind regards 
> > 
> > -- 
> > 
> > --- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "ossec-list" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to ossec-list+...@googlegroups.com . 
> > For more options, visit https://groups.google.com/d/optout. 
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] timeout - ossec-agentlessd: ERROR: ssh_generic_diff: ossec

2017-03-15 Thread dan (ddp) 
On Mon, Mar 13, 2017 at 9:59 AM, Eduardo Reichert Figueiredo
 wrote:
> Dear all,
> i have the ERROR below in my ossec server, and not generated alerts from
> Linux (agentless) in ossec.
> I search more error similars in this foruns but i dont founded solution.
>
> Can you help me?
>
> 2017/03/13 10:42:35 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 ~]$
> 2017/03/13 10:42:35 ossec-agentlessd: ERROR: ssh_generic_diff:
> ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
> 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: spawn ssh
> ossec@SERVIDOR-01
> 2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 13
> 10:42:15 2017 from 192.168.140.84
> 2017/03/13 10:52:21 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 ~]$
> 2017/03/13 10:52:21 ossec-agentlessd: ERROR: ssh_integrity_check_linux:
> ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
> 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: spawn ssh
> ossec@SERVIDOR-01
> 2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 13
> 10:52:01 2017 from 192.168.140.84
> 2017/03/13 10:52:42 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 ~]$
> 2017/03/13 10:52:42 ossec-agentlessd: ERROR: ssh_generic_diff:
> ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
>

Try running the script maually:
`cd /var/ossec && expect agentless/ssh_generic_diff AGENTLESSINFO ARGS`

Replace AGENTLESSINFO with the  information from your
ossec.conf, and ARGS with the  info.

>
> Kind regards
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ossec-list] timeout - ossec-agentlessd: ERROR: ssh_generic_diff: ossec

2017-03-13 Thread Eduardo Reichert Figueiredo 
Dear all,
i have the ERROR below in my ossec server, and not generated alerts from 
Linux (agentless) in ossec.
I search more error similars in this foruns but i dont founded solution.

Can you help me?

2017/03/13 10:42:35 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 ~]$
2017/03/13 10:42:35 ossec-agentlessd: ERROR: ssh_generic_diff: 
ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: spawn ssh 
ossec@SERVIDOR-01
2017/03/13 10:52:01 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 13 
10:42:15 2017 from 192.168.140.84
2017/03/13 10:52:21 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 ~]$
2017/03/13 10:52:21 ossec-agentlessd: ERROR: ssh_integrity_check_linux: 
ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .
2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: spawn ssh 
ossec@SERVIDOR-01
2017/03/13 10:52:22 ossec-agentlessd: DEBUG: buffer: Last login: Mon Mar 13 
10:52:01 2017 from 192.168.140.84
2017/03/13 10:52:42 ossec-agentlessd: DEBUG: buffer: [ossec@SERVIDOR-01 ~]$
2017/03/13 10:52:42 ossec-agentlessd: ERROR: ssh_generic_diff: 
ossec@SERVIDOR-01: Timeout while connecting to host: ossec@SERVIDOR-01 .


Kind regards

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.