[Bro] Bro Cluster Documentation Error

Davison, Charles Robert cdaviso1 at vols.utk.edu
Mon Sep 14 14:24:28 PDT 2015


Please see the attached document on how I configured the host entries.

I can ssh into the computers as my ubuntu user fine, but I copied over my keys as follows:

scp -v ~/.ssh/id_rsa.pub root@172.31.41.31:/home/ubuntu/.ssh/authorized_keys2
scp -v ~/.ssh/id_rsa.pub root@172.31.41.33:/home/ubuntu/.ssh/authorized_keys2

Is this an issue? I tried using ubuntu as the user and it hangs:

ubuntu@ip-172-31-41-32:~$ scp -v ~/.ssh/id_rsa.pub ubuntu@172.31.41.33:/home/ubuntu/.ssh/authorized_keys2
Executing: program /usr/bin/ssh host 172.31.41.33, user ubuntu, command scp -v -t /home/ubuntu/.ssh/authorized_keys2
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 172.31.41.33 [172.31.41.33] port 22.
debug1: Connection established.
debug1: identity file /home/ubuntu/.ssh/id_rsa type 1
debug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_dsa type -1
debug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1
debug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_ed25519 type -1
debug1: identity file /home/ubuntu/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA d1:0a:e6:c3:bf:ee:23:5a:63:63:ce:c8:71:41:88:29
debug1: Host '172.31.41.33' is known and matches the ECDSA host key.
debug1: Found key in /home/ubuntu/.ssh/known_hosts:2
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ubuntu/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to 172.31.41.33 ([172.31.41.33]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: scp -v -t /home/ubuntu/.ssh/authorized_keys2
Sending file modes: C0644 404 id_rsa.pub
scp: /home/ubuntu/.ssh/authorized_keys2: Permission denied
ubuntu@ip-172-31-41-32:~$ Sink: C0644 404 id_rsa.pub
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 3472, received 2636 bytes, in 0.2 seconds
Bytes per second: sent 18676.3, received 14179.4
debug1: Exit status 1

________________________________________
From: Daniel Thayer <dnthayer at illinois.edu>
Sent: Monday, September 14, 2015 2:17 PM
To: Davison, Charles Robert; bro at bro.org
Subject: Re: [Bro] Bro Cluster Documentation Error

When you check if you can ssh to the other machines in your cluster,
you need to make sure you're running ssh as the same user that
you're running broctl.

Also, what did you specify for the "host=" entries in your node.cfg?



On 09/14/2015 02:56 PM, Davison, Charles Robert wrote:
> I assume attachments don't work... here is the test output:
>
>
> root@ip-172-31-41-32:/home/ubuntu# export PATH=/usr/local/bro/bin:$PATH
>
> root@ip-172-31-41-32:/home/ubuntu# broctl
>
> Warning: broctl node config has changed (run the broctl "deploy" command)
>
> Warning: Bro node "bro" possibly still running on host "localhost" (PID 16564)
>
>
> Welcome to BroControl 1.4
>
>
> Type "help" for help.
>
>
> [BroControl] > install
>
> removing old policies in /usr/local/bro/spool/installed-scripts-do-not-touch/site ...
>
> removing old policies in /usr/local/bro/spool/installed-scripts-do-not-touch/auto ...
>
> creating policy directories ...
>
> installing site policies ...
>
> generating cluster-layout.bro ...
>
> generating local-networks.bro ...
>
> generating broctl-config.bro ...
>
> generating broctl-config.sh ...
>
> updating nodes ...
>
> Host key verification failed.
>
> Host key verification failed.
>
> Error: cannot create (some of the) directories /usr/local/bro,/usr/local/bro/logs,/usr/local/bro/spool,/usr/local/bro/spool/tmp on node worker-1
>
> [BroControl] > Host key verification failed.
>
> Host key verification failed.
>
> Host key verification failed.
>
> Host key verification failed.
>
>
>
> Thank you,
>
> Charles
>
>
> ------------------------------------------------------------------------
> *From:* Davison, Charles Robert
> *Sent:* Monday, September 14, 2015 1:41 PM
> *To:* bro at bro.org
> *Subject:* Bro Cluster Documentation Error
>
>
> Good Afternoon,
>
>
> I am trying to make documentation for installing a bro cluster
> configuration, and receive the attached error when trying to install via
> broctl. I can log into both of my worker nodes from the bro manager via
> ssh fine, and without a password...
>
>
> Thank you,
>
> Charles
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image2015-9-14 9-57-23.png
Type: image/png
Size: 55257 bytes
Desc: image2015-9-14 9-57-23.png
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150914/a0e13cde/attachment-0001.bin 
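
The thread's symptom (ssh works as ubuntu, but broctl run as root reports "Host key verification failed") comes down to which user's known_hosts holds the workers' host keys. The following is an added example, not code from the thread or from the Bro project: it reads the host= entries of a node.cfg and reports which ones a given known_hosts file lacks, including hashed (HashKnownHosts) entries. The node.cfg contents, both known_hosts samples and all function names are constructed for illustration, and it assumes nodes on localhost need no ssh.

```python
import base64, configparser, hashlib, hmac

# Constructed sample (the thread never shows node.cfg): worker IPs from the post.
NODE_CFG = """
[manager]
type=manager
host=localhost
[worker-1]
type=worker
host=172.31.41.31
[worker-2]
type=worker
host=172.31.41.33
"""

def hashed(host, salt=b"constructed-salt-20b"):
    """HashKnownHosts token: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

# Constructed known_hosts contents with placeholder key material.
UBUNTU_KNOWN_HOSTS = "\n".join(
    hashed(h) + " ecdsa-sha2-nistp256 PLACEHOLDERKEY" for h in ("172.31.41.31", "172.31.41.33"))
ROOT_KNOWN_HOSTS = "# root has never connected to the workers\n"

def cluster_hosts(node_cfg_text):
    """Return the distinct host= values from a node.cfg (INI syntax)."""
    cp = configparser.ConfigParser()
    cp.read_string(node_cfg_text)
    return sorted({cp[s]["host"] for s in cp.sections() if cp.has_option(s, "host")})

def host_known(host, known_hosts_text):
    """Exact-match lookup for port 22; wildcards and [host]:port are not handled."""
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#@":  # skip comments and @marker lines
            continue
        for pattern in fields[0].split(","):
            if pattern.startswith("|1|"):
                _, _, salt_b64, mac_b64 = pattern.split("|")
                mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
                if hmac.compare_digest(mac, base64.b64decode(mac_b64)):
                    return True
            elif pattern == host:
                return True
    return False

def missing_hosts(node_cfg_text, known_hosts_text, local=("localhost", "127.0.0.1")):
    """Remote hosts with no host key in this file (local nodes assumed to need no ssh)."""
    return [h for h in cluster_hosts(node_cfg_text)
            if h not in local and not host_known(h, known_hosts_text)]
```

Run it against the known_hosts of the account that actually starts broctl; an empty list means every remote node already has a recorded host key for that user.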

