[Bro] SSH

[Karl Kamin]

We are setting up a cluster for Bro.  I have setup two machines that have 2 worker threads each.  The first machine runs  the manager and proxy functions too.  When I run broctl install it is apparent that the ssh connection fails. I have used password-less rsa logins for years and am familiar with creating rsa keys, and configuring ssh to use the keys.  What I cannot figure out is how the bro user (bro) is configured to find the key.

Here is the output from my install.  Permissions for the user bro should be correct on both systems. (chown bro:bro /usr/local/bro -R)

++++++++++++++

[bro at payshuntzero bro]$  /usr/local/bro/bin/broctl check
manager is ok.
proxy-1 is ok.
worker-1 is ok.
worker-2 is ok.
worker-3 is ok.
worker-4 is ok.

++++++++++++++

[bro at payshuntzero bro]$  /usr/local/bro/bin/broctl install
waiting for lock ....... ok
removing old policies in /usr/local/bro/spool/installed-scripts-do-not-touch/site ... done.
removing old policies in /usr/local/bro/spool/installed-scripts-do-not-touch/auto ... done.
creating policy directories ... done.
installing site policies ... done.
generating cluster-layout.bro ... done.
generating local-networks.bro ... done.
generating broctl-config.bro ... done.
updating nodes ... warning: host patientone is not alive
warning: cannot create directory /usr/local/bro/spool/tmp on worker-3
warning: cannot create directory /usr/local/bro/spool/tmp on worker-3
warning: cannot create directory /usr/local/bro/spool/tmp on worker-3
warning: cannot create directory /usr/local/bro/spool/tmp on worker-3
warning: error rsyncing to patientone: ['Host key verification failed.\r', 'rsync: connection unexpectedly closed (0 bytes received so far) [sender]', 'rsync error: unexplained error (code 255) at io.c(600) [sender=3.0.6]']
done.
[bro at payshuntzero bro]$
++++++++++++++

Karl


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20120910/1ca646be/attachment.html