Just be aware that authd is not intended to constantly run as it provides no client authentication. The desired automation would be to start it upon provisioning of a new client and then stop it once ossec agent was provisioned. This is probably why it is not bundled with the startup scripts.
BTW - maybe because I work with firewall automation at dome9, I'm thinking of a way to automate that using a FW. The concept:

- authd is always on. Its local iptables FW is set to DENY ALL for the authd port (default is tcp 1515)
- new server is provisioned: allow temporary access to that new server IP (dome9 has an access API where one can provision a temporary access-lease to a specific IP for a limited time interval)
- upon a new agent connected event or after some predefined time interval - return the authd FW to its original closed state.

(we have a saying in Hebrew - a carpenter fixes everything with hammer and nails ;)

-Roy

On Monday, September 16, 2013 12:52:24 PM UTC-7, Blake Johnson wrote:
>
> I'm looking to better automate my configuration by configuring ossec-authd
> as a part of the ossec-control start and stop process. Simply adding
> ossec-authd to the SDAEMONS and DAEMONS variable list would result in the
> service starting, but I would like it to do so with the -i flag so I retain
> IP address information.
>
> Is anyone running with this configuration now and willing to share a patch?
>
> If not I will take a shot at it and share back.
>
> Blake
>
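The lease concept described in the reply above, sketched with plain iptables as an added example (not code from the thread, from OSSEC, or from dome9, whose API is not shown here). The function names and the `IPT` dry-run variable are hypothetical, and only the time-based close is implemented, not the agent-connected event.

```shell
#!/bin/sh
# Added example: time-limited firewall lease for ossec-authd (default tcp/1515).
# IPT is the command that applies rules; use IPT="echo iptables" for a dry run.
IPT="${IPT:-iptables}"
AUTHD_PORT="${AUTHD_PORT:-1515}"

# Accept only dotted-quad IPv4 (each octet 0..255) so nothing else reaches iptables.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Baseline state, applied once: the authd port is closed to everyone.
close_authd() {
    $IPT -A INPUT -p tcp --dport "$AUTHD_PORT" -j DROP
}

# Insert an ACCEPT for one source IP ahead of the DROP rule.
grant_lease() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 1; }
    $IPT -I INPUT 1 -p tcp -s "$1" --dport "$AUTHD_PORT" -j ACCEPT
}

# Delete that ACCEPT, returning the port to its closed state.
revoke_lease() {
    valid_ipv4 "$1" || return 1
    $IPT -D INPUT -p tcp -s "$1" --dport "$AUTHD_PORT" -j ACCEPT
}

# lease IP SECONDS: open the port for IP, wait, then close it again.
lease() {
    case "$2" in ""|*[!0-9]*) echo "invalid lease time: $2" >&2; return 2 ;; esac
    lease_ip=$1
    grant_lease "$lease_ip" || return 1
    # Close the hole even if the script is interrupted while waiting.
    trap 'revoke_lease "$lease_ip"; exit 130' INT TERM
    sleep "$2"
    revoke_lease "$lease_ip"
    trap - INT TERM
}
```

Because authd performs no client authentication, the source-IP check and the short lease window are the only access control here, so the provisioning system should call `lease` with the new server's address and a window no longer than enrollment needs.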
