Hi List,
I been working around some mass deployment issues for ossec agents on linux
and windows and have this little nugget ...
The problem I have is with the missing authd client on the agent install
for windows ... so instead of trying to find someone in the office that can
compile a windows version (and get around all the deps) for me I did this
simple test ...
(after reviewing the src ofc .. some details below scrambled)
open connection with openssl
openssl s_client -connect XXX.XXX.XXX.XXX:1515 -ssl3
send string
OSSEC A:'host.fqdn.net'\n
receive back string
OSSEC K:'1027 host.fqdn.net
XXX.XXX.XXX.XXX
1b1da0fsdfsdfsfsdfsfsdfsfdsfd62817226sdfsfsfdsfdsdfsdfsdfsfdfbd'
parse string and place in client.keys
1027 host.fqdn.net
XXX.XXX.XXX.XXX 1b1da0fsdfsdfsfsdfsfsdfsfdsfd62817226sdfsfsfdsfdsdfsdfsdfsfdfbd
Simple PowerShell could easily make this connection, parse the response and
create the key file ...with some minimal effort.
A novel way around the problem of automatic windows install ... as the
script can easily be launched via various methods?
Anyone see any problem with this approach?
Regards
/nick
