We are setting up a cluster for Bro. I have setup two machines that have 2 worker threads each. The first machine runs the manager and proxy functions too. When I run broctl install it is apparent that the ssh connection fails. I have used password-less rsa logins for years and am familiar with creating rsa keys, and configuring ssh to use the keys. What I cannot figure out is how the bro user (bro) is configured to find the key.
Here is the output from my install. Permissions for the user bro should be correct on both systems. (chown bro:bro /usr/local/bro –R)
What I cannot figure out is how the bro user (bro) is configured to find the key.
BroControl doesn't have any special options to tweak that, it would just be whatever is configured in ssh_config(5) on the local system or sshd_config(5) on the remote in the case you need to do something other than the standards/defaults for ssh.
warning: error rsyncing to patientone: ['Host key verification failed.\r', 'rsync: connection unexpectedly closed (0 bytes received so far) [sender]', 'rsync error: unexplained error (code 255) at io.c(600) [sender=3.0.6]']
Are you able to just ssh into it on the command line? I'm guessing either 1) no entry is in ~/.ssh/known_hosts and rsync isn't going to automatically trust a host for you or 2) an orphaned entry is in ~/.ssh/known_hosts (maybe because the remote OS was re-installed fresh). Or there's a MITM.