I just changed it to root:ossec and it worked :) Thanks! On Wed, Aug 22, 2012 at 9:41 AM, Daniel Cid <[email protected]> wrote:
> Yes, the ossecr user (or ossec group) needs permission to read it. > > thanks, > > On Wed, Aug 22, 2012 at 1:00 PM, OSSEC junkie <[email protected]> > wrote: > > I am getting permission errors on client.keys: > > 2012/08/22 08:44:38 ossec-remoted(4111): INFO: Maximum number of > > agents allowed: '3500'. > > 2012/08/22 08:44:38 ossec-remoted(1410): INFO: Reading authentication > keys file. > > 2012/08/22 08:44:38 ossec-remoted(1103): ERROR: Unable to open file > > '/etc/client.keys'. > > 2012/08/22 08:44:38 ossec-remoted(1750): ERROR: No remote connection > > configured. Exiting. > > > > > > My configuration (permissions) for the file is: > > > > root@wu-tang:/var/ossec/etc# ls -al > > total 184 > > dr-xr-x--- 3 root ossec 4096 Aug 20 06:02 . > > dr-xr-x--- 13 root ossec 4096 Aug 20 05:59 .. > > -r--r----- 1 root root 57369 Aug 20 06:22 client.keys > > > > I assume it needs to be root:ossec but wanted to get final confirmation. > > > > Can you let me know please? >
