Re: {SPAM 06.5} [ossec-list] Re: OSSEC-agentless unable to access

Sat, 27 Mar 2010 07:09:01 -0700 

To test this can you do the following:

# sudo -u ossec ssh root@<ip_of_esx>

and cut and paste to the output?
Here is my working with agentless blog post: <http://praetorianprefect.com/archives/2009/11/ossec-agentless-scripts/> 

~Jeremy Rossi
Praetorian Security Group
W: http://praetoriansecuritygroup.com/ & http://praetorianprefect.com/
--On March 26, 2010 10:40:03 AM -0700 Nino Ibrahim <[email protected]> wrote: 


Hi Dan,
There are no known_hosts file in /var/ossec/.ssh
r...@ubuntu:~# /var/ossec/
active-response/ etc/             rules/           tmp/
agentless/       logs/            .ssh/            var/
bin/             queue/           stats/
r...@ubuntu:/var/ossec/.ssh# ls -l
total 0


On Mar 26, 9:08 pm, "dan (ddp)" <[email protected]> wrote:

Is there a known_hosts file in /var/ossec/.ssh? The one you posted is
the one in  your home directory, and shouldn't affect ossec.
Do a "find /var/ossec -name known_hosts", to see if that file is
somewhere else in that dir. Is there anything in /var/ossec/.ssh?

On Fri, Mar 26, 2010 at 9:55 AM, Nino Ibrahim <[email protected]>
wrote:
> I still can resolve this problem. Is anyone can help me?
> I have try to clear old RSA key using rm -rf .ssh but nothing change.

> @Dan : Here's what you can see my known_hosts:

> r...@ubuntu:~# cat /var/ossec/.ssh/
> cat: /var/ossec/.ssh/: Is a directory
> r...@ubuntu:~# cat /var/ossec/ .ssh/known_hosts (i use space
> between / .ssh)
> cat: /var/ossec/: Is a directory
> | 1|OTtxNZtal2nm+kh6zKcVP8Ey8cs=|HuDx34tZ1JLoG3yGUUcF5+Pxjv8= ssh-rsa
> AAAAB3NzaC1yc2EAAAABIwAAAQEAzhc9hQX3pqV53z0kPShu88p+6pdw/9V/
> RVeejOPRNwM7Ob9QK/F6WQDdGDIDvRtBGtlVdlkEBwEbTvtJHPSFzmeDx9F/
> lQFcHb35M8YQ/aA67w8J/NnsOxO/
> SInDaohQH2YejM64b3kUSZHb4l5zp9mxTP1fGvD5bDlneSIfBi/woNs6WlwyrOUPAj8Yb/
> uwlkf0+TnW7GRA0vsoQ5Jng33e2DK1nXcuYRFw/MgKgCAcQ5Jko/Pk9vhgRBe847R0aa0O
> +HTDmDetCU6nmBDkojbsnIKJeTSaRUvb+zziV7XXLfMs5IpWLLPy6q2JbG3vx2Y
> +OB2jIWSbkPLVxnOzOw==

> Thanks


To unsubscribe from this group, send email to
ossec-list+unsubscribegooglegroups.com or reply to this email with the
words "REMOVE ME" as the subject.





To unsubscribe from this group, send email to ossec-list+unsubscribegooglegroups.com or 
reply to this email with the words "REMOVE ME" as the subject.

Reply via email to