[ossec-list] Re: /etc/client.keys not found

[Forrest Aldrich <forrie@xxxxxxxxxx>]

Oops.

Also forgot to mention that it's looking for /etc/client.keys..... it's 
not supposed to, it's supposed to be looking in 
/var/ossec/etc/client.keys -- and that file *is* populated with keys.

I am trying to figure out where the /var/ossec portion got truncated in 
this.



Daniel Cid wrote:
> Hi Forrest,
>
> You need to run the manage_agents tool to add the agents you want
> to connect to your server. The first message means that there is no
> agent allowed to connect. The second message means that you
> didn't allow any IP to send remote syslog messages to ossec, so
> it has no reason to run (nothing is allowed)...
>
> Hope it helps,
>
> --
> Daniel B. Cid
> dcid ( at ) ossec.net
>
> On 9/5/06, Forrest Aldrich <forrie@xxxxxxxxxx> wrote:
> >  Maybe I hit a small config bug here.  I installed 0.9.1-a which 
> > defaults
> > all under /var/ossec:
> >
> >
> > 2006/09/05 16:11:00 ossec-remoted(1402): Authentication key file
> > '/etc/client.keys' not found.
> >
> >  This was generated when one of my agent installs tried to 
> > authenticate, I
> > believe.
> >
> >  I also noticed this:
> >
> >
> > 2006/09/05 16:10:59 ossec-remoted(1501): No IP or network allowed in the
> > access list for syslog. No reason for running it. Exiting.
> >
> >  So it seems something got missed during the initial config... or did 
> > I miss
> > something.
> >
> >
> >  Thanks.