Update Setup to allow running multiple times in sensor-->server config #256

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 4 comments

GoogleCodeExporter commented Mar 24, 2015

Update Setup to allow running multiple times in sensor-->server config

Original issue reported on code.google.com by doug.bu...@gmail.com on 13 Apr 2012 at 3:01

GoogleCodeExporter Mar 24, 2015

Code currently looks like this:

# Configure SSH Key authentication to server if necessary
if [ "$SERVERNAME" != "localhost" ]
then
        SSH_DIR="/root/.ssh"
        SSH_CONF="$SSH_DIR/securityonion_ssh.conf"
        mkdir -p $SSH_DIR
        KEY="$SSH_DIR/securityonion"
        if [ ! -f "$KEY" ]
        then
                ssh-keygen -f "$KEY" -N '' >> $LOG
                chmod 600 "$KEY"*
                xfce4-terminal -x ssh-copy-id -i "$KEY".pub $SSH_USERNAME@$SERVERNAME 
        fi
        # May need to prompt the user for sudo password
        xfce4-terminal -x ssh -i "$KEY" -t $SSH_USERNAME@$SERVERNAME sudo echo "Success!"
        # Backup existing rules
        cp /etc/nsm/rules/downloaded.rules /etc/nsm/rules/backup/downloaded.rules.`date +%Y%m%d%H%M%S` | tee -a $LOG
        cp /etc/nsm/rules/local.rules /etc/nsm/rules/backup/local.rules.`date +%Y%m%d%H%M%S` | tee -a $LOG
        # Copy rules from server
        scp -i "$KEY" $SSH_USERNAME@$SERVERNAME:/etc/nsm/rules/downloaded.rules /etc/nsm/rules/downloaded.rules
        scp -i "$KEY" $SSH_USERNAME@$SERVERNAME:/etc/nsm/rules/local.rules /etc/nsm/rules/local.rules
        # Save configuration
        echo "SSH_USERNAME=$SSH_USERNAME" > $SSH_CONF
        echo "SERVERNAME=$SERVERNAME" >> $SSH_CONF
fi

We should probably change this:
        if [ ! -f "$KEY" ]
        then
                ssh-keygen -f "$KEY" -N '' >> $LOG
                chmod 600 "$KEY"*
                xfce4-terminal -x ssh-copy-id -i "$KEY".pub $SSH_USERNAME@$SERVERNAME 
        fi

to something like this:
        # Keep the previous key, then always generate and install a new one
        [ -f "$KEY" ] && mv "$KEY" "$KEY.old"
        ssh-keygen -f "$KEY" -N '' >> "$LOG"
        chmod 600 "$KEY"*
        xfce4-terminal -x ssh-copy-id -i "$KEY.pub" "$SSH_USERNAME@$SERVERNAME"

Original comment by doug.bu...@gmail.com on 13 Apr 2012 at 3:04
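
With a single `$KEY.old`, a third run of Setup overwrites the backup made by the second. A variant that keeps a uniquely named key pair per run and creates every file under a restrictive umask, as an added example that is not Security Onion's own code; `rotate_key` and `count_backups` are hypothetical helper names:

```shell
#!/bin/sh
# Added example: rotate_key and count_backups are hypothetical helpers,
# not functions from Security Onion's setup script.

rotate_key() {
    key="$1"                  # private key path, e.g. /root/.ssh/securityonion
    log="${2:-/dev/null}"     # where ssh-keygen output is appended
    old_umask=$(umask)
    umask 077                 # directory, key and log are never group/world readable
    rc=0
    mkdir -p -- "$(dirname -- "$key")" || rc=1

    if [ "$rc" -eq 0 ] && [ -f "$key" ]; then
        # Unique suffix: a later run must not overwrite an earlier backup.
        stamp=$(date +%Y%m%d%H%M%S)
        n=0
        while [ -e "$key.old.$stamp.$n" ]; do n=$((n + 1)); done
        mv -- "$key" "$key.old.$stamp.$n" || rc=1
        # Keep the public half with it so the backup stays a usable pair.
        if [ -f "$key.pub" ]; then
            mv -- "$key.pub" "$key.old.$stamp.$n.pub" || rc=1
        fi
    fi

    if [ "$rc" -eq 0 ]; then
        ssh-keygen -q -f "$key" -N '' >> "$log" 2>&1 || rc=1
    fi
    umask "$old_umask"
    [ "$rc" -eq 0 ] && [ -f "$key" ] && [ -f "$key.pub" ]
}

count_backups() {
    # Print how many private-key backups exist next to "$1".
    total=0
    for f in "$1".old.*; do
        case "$f" in *.pub) continue ;; esac
        if [ -e "$f" ]; then total=$((total + 1)); fi
    done
    echo "$total"
}
```

Each run still installs the new public key with `ssh-copy-id`, which appends to the server account's `authorized_keys`; entries for rotated-out keys stay there until they are removed on the server.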

GoogleCodeExporter Mar 24, 2015

Made above changes to /usr/local/bin/setup and packaged:
/usr/bin/fpm -s dir -t deb -n securityonion-setup -v 20120425 /usr/local/bin/setup

Original comment by doug.bu...@gmail.com on 24 Apr 2012 at 8:54

  • Changed state: Started

GoogleCodeExporter Mar 24, 2015

Tested by:
Scott Runnels
David Zawdie

Original comment by doug.bu...@gmail.com on 25 Apr 2012 at 10:05

GoogleCodeExporter Mar 24, 2015

Published:
http://securityonion.blogspot.com/2012/04/security-onion-20120425-now-available.html

Original comment by doug.bu...@gmail.com on 25 Apr 2012 at 10:06

  • Changed state: Verified