Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add key request settings to the Authd configuration #3690

Closed
chemamartinez opened this issue Nov 19, 2021 · 2 comments · Fixed by #3956
Closed

Add key request settings to the Authd configuration #3690

chemamartinez opened this issue Nov 19, 2021 · 2 comments · Fixed by #3956
Assignees
@Machi3mfl
Labels
type/enhancement Enhancement issue

Comments

@chemamartinez
Copy link
Contributor

chemamartinez commented Nov 19, 2021
edited
Loading

Hi team,

As part of wazuh/wazuh#10399 new options have been added to the Registration Service configuration. Here you can see the API response when adding the new key_request block.

# curl -k -X GET "https://localhost:55000/agents/000/config/auth/auth" -H "Authorization: Bearer $TOKEN"
{
  "data": {
    "auth": {
      "port": 1515,
      "disabled": "no",
      "remote_enrollment": "yes",
      "use_source_ip": "no",
      "purge": "yes",
      "use_password": "no",
      "ssl_verify_host": "no",
      "ssl_auto_negotiate": "no",
      "ciphers": "HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH",
      "ssl_manager_cert": "etc/sslmanager.cert",
      "ssl_manager_key": "etc/sslmanager.key",
      "key_request": {
        "enabled": "yes",
        "exec_path": "python3 /root/key_request_db.py",
        "socket":"/tmp/key_request_socket",
        "timeout": 60,
        "threads": 1,
        "queue_size": 1024
      },
      "force": {
        "enabled": "yes",
        "key_mismatch": "yes",
        "disconnected_time": {
          "enabled": "no",
          "value": 3600
        }
      }
    }
  },
  "error": 0
}

The goal of this issue is to be able to see the new block key_request and its options inside the Registration Service section. This block is optional so it can be missing in the API response.

image

Best regards.
@chemamartinez chemamartinez added the type/enhancement Enhancement issue label Nov 19, 2021
@Machi3mfl Machi3mfl self-assigned this Apr 4, 2022
@Machi3mfl Machi3mfl mentioned this issue Apr 6, 2022
Merged
@Machi3mfl
Copy link
Member

When key request is disabled

Screen Shot 2022-04-06 at 15 41 09

When key request is enabled

Screen Shot 2022-04-06 at 15 40 28

@Machi3mfl Machi3mfl added the 4.4 label Apr 20, 2022
@Machi3mfl Machi3mfl linked a pull request Apr 20, 2022 that will close this issue
Added new key request block in Registration service config #3956
Merged
@gdiazlo gdiazlo moved this to Triage in Release 4.4.0 Jun 28, 2022
@gdiazlo gdiazlo moved this from Triage to Todo in Release 4.4.0 Jun 28, 2022
@AlexRuiz7 AlexRuiz7 moved this from Todo to In Review in Release 4.4.0 Jul 8, 2022
Repository owner moved this from In Review to Done in Release 4.4.0 Jul 11, 2022
@vikman90 vikman90 added this to the Release 4.4.0 milestone Aug 31, 2022
@Mayons95 Mayons95 mentioned this issue Nov 8, 2022
Closed
4 tasks
@Mayons95
Copy link
Contributor

Testing Steps:
Navigate to Management/Configuration/
Check that the key request field it's displayed

To change the value disable/enable edit the ossec.conf file on the auth section, replace the existing config with the following:

auth>


yes

<key_request>
yes
<exec_path>/usr/bin/python /home/script.py</exec_path>
60
1
<queue_size>1024</queue_size>
</key_request>
no
1515
<use_source_ip>no</use_source_ip>
yes
<use_password>no</use_password>
HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@strength

<ssl_verify_host>no</ssl_verify_host>
<ssl_manager_cert>etc/sslmanager.cert</ssl_manager_cert>
<ssl_manager_key>etc/sslmanager.key</ssl_manager_key>
<ssl_auto_negotiate>no</ssl_auto_negotiate>

@Mayons95 Mayons95 mentioned this issue Nov 22, 2022
Closed
7 tasks
@Mayons95 Mayons95 mentioned this issue Dec 7, 2022
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Machi3mfl Machi3mfl

Labels
type/enhancement Enhancement issue
Projects
No open projects
Release 4.4.0
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added new key request block in Registration service config wazuh/wazuh-dashboard-plugins
5 participants
@Machi3mfl @vikman90 @AlexRuiz7 @chemamartinez @Mayons95