Installing Wazuh on Ubuntu 22.04

[Cyprien Chapelle]

Hello,

I installed Wazuh-manager on an Ubuntu machine, I don't have root access but only a user under "sudo". The problem is that the /var/ossec directory is inaccessible because it is owned by root and the ossec group.
So I should log in to the ossec user account, right? But where to find the password?

[Anthony Faruna]

Hello Cyprien

Thank you for using Wazuh 

I suggest the best possible way to resolve the issue is to change the password for the user account since you cannot remember it.

 Kindly follow the steps below to change the password

1. Download the script for changing password using the command curl -so wazuh-passwords-tool.sh https://packages.wazuh.com/4.3/wazuh-passwords-tool.sh
   
2. Then run the command bash wazuh-passwords-tool.sh -u user account name -p newpassword where user account name should the user account you want to change the password and newpassword is the password you want to create

You can refer to this documentation about changing passwords for clarification 

Please let me know if you have any questions

Best Regards

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/3b482a41-058e-4ec8-9f6d-56d561fbfc2en%40googlegroups.com.

[Cyprien Chapelle]

Thank you for your reply.

In fact the /var/ossec directory has the following accesses:

root:ossec

That's why I want to log in as user ossec. But I thought that user had a default password when installing..

I did your commands but it returns me:

bash: wazuh-passwords-tools.sh: no such file or directory

[Cyprien Chapelle]

Ok, with sudo it's okay

[Cyprien Chapelle]

I explain my problem more clearly.

I installed wazuh+elk with this script: https://packages.wazuh.com/4.3/wazuh-install.sh on Ubuntu 22.04. 

On my OS version I don't have root access but only a sudo user. The problem is that the wazuh directory is configured with these permissions:

drwxr-x--- root ossec

Le mercredi 14 septembre 2022 à 20:36:46 UTC+2, Cyprien Chapelle a écrit :

But the user "ossec" doesn't exist apparently, maybe I need to add my current user (named admin) in the ossec group?

[Anthony Faruna]

Hello Cyprien

Did you download the passwords-tool.sh  using this command curl -so wazuh-passwords-tool.sh https://packages.wazuh.com/4.3/wazuh-passwords-tool.sh before running the bash wazuh-passwords-tool.sh -a command

I will waiting for your response 

Best Regards

To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/bdfbc501-b9ac-41f1-ae5d-d6ffc8e71f98n%40googlegroups.com.

[Cyprien Chapelle]

So I  gave all users access to the ossec directory, however I get the following error when I run ./manage-agent -l :

[Anthony Faruna]

Hello Cyprien

Please what operation are you trying to perform ?

Best Regards

To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/4a5a6e4f-6009-4337-804e-a6c09c19d3f4n%40googlegroups.com.

[Anthony Faruna]

Hello Cyprien

Have you been able to address the challenge 

Please can you try using sudo before the commands to grant it administrative permission 

Hope to hear from you soon

Best Regards