Are the ssh packets making it to the agentless device? Are there any logs on the agentless device mentioning any issues with the ssh connection?
On Mon, Feb 28, 2011 at 3:02 PM, Tanishk Lakhaani <[email protected]> wrote: > Hi daniel, > We are using an IP address for the same > > Still the same issues > Regards > Tanishk Lakhaani > Sent from BlackBerry® on Airtel > > -----Original Message----- > From: "dan (ddp)" <[email protected]> > Sender: [email protected] > Date: Mon, 28 Feb 2011 14:56:32 > To: <[email protected]> > Reply-To: [email protected] > Subject: Re: [ossec-list] Re: > > Hi Saboor, > > On Mon, Feb 28, 2011 at 11:28 AM, Saboor <[email protected]> wrote: >> Hi Dan >> >> I am trying to install OSSEC Agentless for monitoring .Successfully added >> the IP of the host in the 'register_host.sh' (in var/ossec/agentless)and the >> script 'ssh_integrity_check_linux' in the ossec.conf (in >> var/ossec/etc/ossec.conf). >> >> While generating the public/private key using the command in ossec :'sudo -u >> ossec ssh-keygen -t rsa' >> I was encountering the error "Could not create directory / var/ossec/.ssh' >> For rectifying this error I had change the file permission of OSSEC to 777 . > > This is a bad fix. Very few things need 777. You have introduced a > security issue into your environment. > >> I have scp the public key from server to the host by running the command >> scp /var/ossec/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys >> it has successfully been added to the host >> Now while restarting the ossec on my server and checking the logs of the >> same I encounter an error which is : >> >> 2011/02/28 18:19:03 ossec-agentlessd: ERROR: >> ssh_integrity_check_linux: [email protected]: Timeout while connecting to >> host: [email protected] >> > > Are you using the IP address or the hostname when trying to connect to > it? I haven't used the agentless in a while, so I can't remember if it > can resolve hostnames. > Try registering the IP address instead of the hostname. > >> Please Advise >> >> -- >> Regards, >> Saboor Rafiq >> >
