Hello, Cisco settings is setup correctly because I manually logon to ASA without any issues and run the command "show ran conf". Do you which line has to be configure in script? In password list I have registered login and password by "*register_host.sh*" and I successfully authenticate (without ENABLE mode) when I start checking the script. I have only issue with ENABLE mode password.
KR, Yurii 2016-03-28 13:57 GMT+03:00 Eero Volotinen <eero.voloti...@iki.fi>: > You need to configure correct enable password in cisco and script too. (or > to password list) > > -- > Eero > > 2016-03-28 13:46 GMT+03:00 Yurii Shatylo <yuriishat...@gmail.com>: > >> Dear Colleagues, >> >> Some time ago I setup Cisco ASA agentless monitoring. After Brent’s >> clarification I found out that I have missed some settings which I >> successfully setup. When the settings were implemented I tried to check by >> “./agentless/ssh_asa-fwsmconfig_diff user...@192.168.0.1” command but >> result was unsuccessful. The first authentication level is OK but when the >> script pushed “enable” command I got error: >> >> >> >> “*enable* >> >> *Password:* >> >> *Invalid password* >> >> *Password: ERROR: Incorrect enable password to remote host: >> ishatylo@192.168.0.1 <ishatylo@192.168.0.1>* “ >> >> >> >> I guess it connected with some missing information in the scrip or maybe >> else. Could you please help me? >> >> Thank you in advance. >> >> KR, Yurii >> >> 2016-03-26 18:21 GMT+02:00 Yurii Shatylo <yuriishat...@gmail.com>: >> >>> Hi Brent! >>> >>> I have provided authentication information follow the document. As the >>> result I got: >>> >>> *Host ishatylo@192.168.1.1 added >>> >>> After that started ./ssh_asa-fwsmconfig_diff ishatylo@192.168.1.1 but >>> got an error: >>> >>> ERROR: Password list not present (use "register_host" first) >>> >>> Do you know how to fix it? >>> >>> Yurii >>> >>> >>> On Thursday, March 17, 2016 at 5:21:35 PM UTC+2, Brent Morris wrote: >>> >>>> Hi Yurii, >>>> >>>> Did you use the register_host.sh script as documented >>>> http://ossec-docs.readthedocs.org/en/latest/manual/agent/agentless-monitoring.html >>>> ? If so, there should be a file called .passlist in the >>>> /var/ossec/agentless folder. open that file and ensure the information is >>>> correct. >>>> >>>> You can test your agentless with this method. >>>> >>>> be sure your current working directory is /var/ossec >>>> >>>> pwd >>>> /var/ossec >>>> >>>> from there.. >>>> >>>> ./agentless/ssh_asa-fwsmconfig_diff user...@192.168.0.1 >>>> >>>> Check the output and see where the trouble is. >>>> >>>> Hope this helps!!! >>>> >>>> -Brent >>>> >>>> >>>> >>>> >>>> >>>> On Wednesday, March 16, 2016 at 8:24:29 AM UTC-7, Yurii Shatylo wrote: >>>>> >>>>> Dear Colleagues, >>>>> >>>>> Could you give me a hand with my issue? >>>>> I've put credentials to the *ssh_asa-fwsmconfig_diff *and as the >>>>> result I've got (2016/03/16 11:29:13 ossec-agentlessd: INFO: Test passed >>>>> for 'ssh_asa-fwsmconfig_diff). After that I deleted ACL on the cisco asa >>>>> but nothing happened. It seems like script which produces difference is >>>>> not >>>>> working. >>>>> *There is my general config file:* >>>>> >>>>> <agentless> >>>>> <type>ssh_asa-fwsmconfig_diff</type> >>>>> <frequency>300</frequency> >>>>> <host>user...@192.168.0.1</host> >>>>> <state>periodic_diff</state> >>>>> </agentless> >>>>> >>>>> *Thank you in advance.* >>>>> *Yurii* >>>>> >>>> -- >>> >>> --- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "ossec-list" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/ossec-list/FXo7fizdOII/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> ossec-list+unsubscr...@googlegroups.com. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> С уважением, >> Юрий >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ossec-list+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> > > -- > > --- > You received this message because you are subscribed to a topic in the > Google Groups "ossec-list" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ossec-list/FXo7fizdOII/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- С уважением, Юрий -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
