On Wed, Jul 25, 2012 at 8:50 AM, ant's <[email protected]> wrote: > Server is Ubuntu 12.04 and agentless is Ubuntu 12.04 (as both are installed > in the same system) . Both are running instance is Ec2. >
Your server is also the agentless system? If so, please point out what part of the documentation gave you the idea that this was the correct way to set this up so I can fix it. > I have config file for agent less is : > > <agentless> > <type>ssh_integrity_check_linux</type> > <frequency>1</frequency> > <host>[email protected]</host> > <state>periodic</state> > <arguments>/bin /etc/ /sbin</arguments> > </agentless> > > > <agentless> > <type>ssh_pixconfig_diff</type> > <frequency>1</frequency> > <host>[email protected]</host> > <state>periodic_diff</state> > </agentless> > That frequency is ridiculous. > <agentless> > <type>ssh_generic_diff</type> > <frequency>36000</frequency> > <host>[email protected]</host> > <state>periodic_diff</state> > <arguments>ls -la /etc; cat /etc/passwd</arguments> > </agentless> > > I don't think multiple commands are supported. > While I add this [email protected] to list of Ip address, I provided the > password for it (as set up in Ec2). But one thing that I didn't able to > provide is my pem key which I need to connect to the server while using ssh. > You gave it a password to use to login, but the password won't work because you need a key? Doesn't that seem silly? > But not sure where I need to provide the pem file to? > >From http://www.ossec.net/doc/manual/agent/agentless-monitoring.html : "If you want to use public key authentication instead of passwords, you need to provide NOPASS as the password and create the public key: # sudo -u ossec ssh-keygen It will create the public keys inside /var/ossec/.ssh . After that, just scp the public key to the remote box and your password less connection should work." > Thanks in advance.
