ossec-authd

The ossec-authd program can automatically add an agent to a Wazuh manager and provide the key to the agent. It’s used along with the agent-auth application. The program creates an agent with an IP address of any instead of using a specific IP address.

Warning

By default, there is no authentication or authorization involved in this transaction, so it is recommended that this daemon only be run when a new agent is being added.

-V

Version and license message.

-h

This help message.

-d

Debug mode. Use this parameter multiple times to increase the debug level.

-t

Test configuration.

-f

Run in foreground.

-g <group>

Group to run as.

Default

ossec

-D <dir>

Directory to chroot into.

Default

/var/ossec

-p <port>

Manager port.

Default

1515

-P

Enable shared password authentication, at /var/ossec/etc/authd.pass or random.

-c <ciphers>

SSL cipher list. The format of this parameter is described in SSL ciphers.

Default

HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH

-v <path>

Full path to CA certificate used to verify clients.

-s

Used with -v, enable source host verification.

-x <path>

Full path to server certificate.

Default

/var/ossec/etc/sslmanager.cert.

-k <path>

Full path to server key.

Default

/var/ossec/etc/sslmanager.key.

-a

Auto negotiate the most secure common SSL/TLS method with the client.

Default

TLS v1.2 only (if supported by the server).

-L

Force insertion even though agent limit has been reached.