On Oct 4, 11:22 am, Joe S <[email protected]> wrote: > After numerous days of testing, I can confirm that invalid keys are > getting created when I use the process described here: > > http://dcid.me/2011/01/automatically-creating-and-setting-up-the-agen... > > I rolled out the Atomic ossec-client RPM to 10 clients. The clients > keys get populated in the OSSEC server. After restarting the server, > my logs are filled with ERROR 1213 (host x.x.x.x not allowed). When I > delete the key and recreate it, it works. > > Note: When I run base64 -d and paste the base64 key, I get the same > string in the client.keys file, but at the end is says: > > "base64: invalid input" > > That ^^ appears to be a problem.
I don't know what to do. I can't undertand why I'm getting: 2011/10/04 11:40:44 ossec-remoted(1213): WARN: Message from x.x.x.x not allowed. I've used keys with or via: * the authd/agent-auth registration * short hostname * short id number (001 instead of 1024) Each time I import the key and restart the client and server, I still get these messages. Then I create the key, with long hostname, key id of 1040, BUT I SET THE IP ADDRESS, and it WORKS. IP of ANY is still not working of me on the following setup: * Clients (multiple RHEL 6.1 AMD64) using Atomic ossec-hids-client * Server (RHEL 5.7 AMD64) using OSSEC tar.gz with patches from mercurial. I know this is an open source project and I intend to make no demands of anyone's time. I don't know if this is a bug or an undocumented feature. It seems like a bug, but the last email thread I had with Daniel indicated that this couldn't be a bug and that significant code would have had to have been changed for this to be true. So I don't know what to do. :-\
