Hello, my name is Christopher and I’m doing undergrad research using Bro to make an IDS for one of the servers of my mentor.
One of my first approaches was to start doing this video: https://www.youtube.com/watch?v=it7SZli61ZM
in which it setups a cluster using Vagrant. I’ve been struggling for at least 5 days trying to make it work. I’ve changed permissions, ssh-keys, etc.
The thing is that every time is use ‘broctl’ and do ‘install’ or ‘deploy’ on it… it says this:
Permission denied (publickey,password).
Error: cannot create (some of the) directories /nsm/bro,/nsm/bro/logs,/nsm/bro/spool,/nsm/bro/spool/tmp on node worker-1
I used this site to install bro on Ubuntu of Vagrant:
http://knowm.org/how-to-install-bro-network-security-monitor-on-ubuntu/
So yeah, apparently my host doesn’t have control over its slaves even tho’ I could ping to it. I used 10.2.2.10 for the host and 10.2.2.11 for the slave in the Vagrantfile.
Any other information that you guys need, let me know. This is pretty much the overview of what i’ve done. Thank you in advance.
Do you add ssh key of master in authorized_keys file in workers into .ssh folder?
Maybe here is the problem.
Sorry for my english.
Do you add ssh key of master in authorized_keys file in workers into .ssh folder?
Maybe here is the problem.
Sorry for my english.
Well, that’s the thing. I did it. not sure if I did it right, but I did what i know of RSA. I made the sss-keygen, used that same key and copied it into the shared folder and with the slave I took it and put it in the .ssh. Is there another way of doing it? Besides, every time I tried to do ‘scp’ it asked for the root password of the slave which I think it’s a private key.
You could make cat .ssh / id_rsa.pub of master’s file and then paste it into .ssh / authorized_keys file of each worker (if not exists, create it). Then you make sure if you can connect via ssh to each worker from master.
Everything I do with root (in /root folder).
Saludos.
The linked Vagrant configuration was used in the video and has been recently updated - https://github.com/jonschipp/vagrant/tree/master/bro-cluster
It will provision a Bro cluster with 3 machines - 1x manager, 2x worker nodes. It automates the entire setup including the ssh configuration.