search

Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0
4.25k stars 569 forks source link

Unable to see clients in Ubuntu as well as windows #2920

Open nagainfotech opened 3 years ago

nagainfotech commented 3 years ago

Hi Ylian, First of all thank you for such an amazing software you have developed. I have followed this youtube link and was able to install everything from scratch and when i ran the command for agents and downloaded windows agent, i am not able to see the agents in the meshcentral server.

https://www.youtube.com/watch?v=pGBIjBGqlfI

Error in windows agent log file is = [2021-07-18 08:33:06 PM] FATAL EXCEPTION [meshagent64-HomeSYD_3BCE6DD27B571420.exe] @ [FuncAddr: 0x000000013ff4abc4 / BaseAddr: 0x000000013ff44700 / Delta: -25796]

Ubuntu = says installing service [done] and starting service...[ok]

but i cant see any agents in the web interface. appreciate your help

krayon007 commented 3 years ago

What version of Windows are you running? For Linux, if you can run it in console mode, you can see what (if any) errors are reported. To do that, open a terminal and go to the install path, usually something like: /usr/local/mesh_services/

and then the agent from the command line. It will display a bunch of messages to stdout.

Ylianst commented 3 years ago

Are you running MeshCentral in LAN mode or WAN mode? There is a video on this topic here. If you are in LAN mode, the agents will multicast on the local network to find your server.

If you are in Hybrid or WAN mode, you need to set a valid DNS name in the config.json that agents will use to find and connect to the server. Something like....

{
  "settings": {
    "cert": "myserver.example.com",
  }
}

If that name is not valid, agents will not be able to connect back. Also, MeshCentral will not setup a DNS name for you. You need to do that on your own. Hope that helps.

nagainfotech commented 3 years ago

Hi Ylian

i am getting these kind of logs

Agent reported web cert hash:1a9e41477ea8051ec1d842c9df58c5f9f7a19fb7fe1531cb00b5212479fff325990881f591956863098a883b0312997d.

Agent bad web cert hash (Agent:1a9e41477e != Server:1e62a3ccd6 or 498c1b51b3), holding connection (172.19.0.1:56318).

Agent reported web cert hash:1a9e41477ea8051ec1d842c9df58c5f9f7a19fb7fe1531cb00b5212479fff325990881f591956863098a883b0312997d.

i set it up on a VPS server WAN

Kind Regards, Santosh T NagaInfoTech http://www.nagainfotech.com

Ylianst commented 3 years ago

This error Agent bad web cert hash is because the MeshAgent is connecting to a server with a different TLS certificate from your server certificate. This should be a security problem where someone is trying to do a "man-in-the-middle" attack or you did not setup your reverse-proxy correctly.

If you have a reverse proxy, look at this video on how to set it up correctly.

You can also add this line in the setting section of the config.json:

"ignoreagenthashcheck": true

This may fix the problem, but this is not secure. Let me know if that helps.

nagainfotech commented 3 years ago

Hi Ylian,

I have wiped my VPS server and restarted and successfully installed the meshcentral server now. i created group called Santosh Home and downloaded linux script and ran on my ubuntu laptop and getting error as below:

[image: image.png] Kind Regards, Santosh T NagaInfoTech http://www.nagainfotech.com

On Tue, Jul 20, 2021 at 1:55 AM Ylian Saint-Hilaire < @.***> wrote:

This error Agent bad web cert hash is because the MeshAgent is connecting to a server with a different TLS certificate from your server certificate. This should be a security problem where someone is trying to do a "man-in-the-middle" attack or you did not setup your reverse-proxy correctly.

If you have a reverse proxy, look at this video on how to set it up correctly https://www.youtube.com/watch?v=YSmiLyKSX2I.

You can also add this line in the setting section of the config.json:

"ignoreagenthashcheck": true

This may fix the problem, but this is not secure. Let me know if that helps.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/2920#issuecomment-882662203, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQ4CEBV563IMPLVVSAO32E3TYRDIHANCNFSM5ASA27WA .

nagainfotech commented 3 years ago

i logged in as sudo su root admin and ran the script again and below is what i get:

@.***:/home/yash# (wget " https://remote.nagainfotech.com/meshagents?script=1" --no-check-certificate -O ./meshinstall.sh || wget " https://remote.nagainfotech.com/meshagents?script=1" --no-proxy --no-check-certificate -O ./meshinstall.sh) && chmod 755 ./meshinstall.sh && sudo -E ./meshinstall.sh https://remote.nagainfotech.com '0ixMYU5KoII5hbz1gkXmg0nhm7KoUW@$OKF9$6DAaYAiHhHODYXV5z9wJv$1rG$3' || ./meshinstall.sh https://remote.nagainfotech.com '0ixMYU5KoII5hbz1gkXmg0nhm7KoUW@$OKF9$6DAaYAiHhHODYXV5z9wJv$1rG$3' --2021-07-25 22:18:39-- https://remote.nagainfotech.com/meshagents?script=1 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 5466 (5.3K) [application/octet-stream] Saving to: './meshinstall.sh’

./meshinstall.sh 100%[===================>] 5.34K --.-KB/s in 0s

2021-07-25 22:18:39 (153 MB/s) - './meshinstall.sh’ saved [5466/5466]

Downloading agent #6... --2021-07-25 22:18:39-- https://remote.nagainfotech.com/meshagents?id=6 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 3638608 (3.5M) [application/octet-stream] Saving to: './meshagent’

./meshagent 100%[===================>] 3.47M 2.86MB/s in 1.2s

2021-07-25 22:18:41 (2.86 MB/s) - './meshagent’ saved [3638608/3638608]

Agent downloaded. --2021-07-25 22:18:41-- https://remote.nagainfotech.com/meshsettings?id=0ixMYU5KoII5hbz1gkXmg0nhm7KoUW@$OKF9$6DAaYAiHhHODYXV5z9wJv$1rG$3 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:443... connected. HTTP request sent, awaiting response... 401 Unauthorized

Username/Password Authentication Failed. % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 12 100 12 0 0 62 0 --:--:-- --:--:-- --:--:-- 62 ...Checking for previous installation of "meshagent" [FOUND: /usr/local/mesh_services/meshagent/meshagent] -> Stopping Service... [STOPPED] -> Uninstalling previous installation... [DONE] -> Checking for secondary agent... [NONE] ...Installing service [DONE] -> Starting service... [OK] @.***:/home/yash#

Kind Regards, Santosh T NagaInfoTech http://www.nagainfotech.com

On Sun, Jul 25, 2021 at 5:04 PM @. @.> wrote:

Hi Ylian,

I have wiped my VPS server and restarted and successfully installed the meshcentral server now. i created group called Santosh Home and downloaded linux script and ran on my ubuntu laptop and getting error as below:

[image: image.png] Kind Regards, Santosh T NagaInfoTech http://www.nagainfotech.com

On Tue, Jul 20, 2021 at 1:55 AM Ylian Saint-Hilaire < @.***> wrote:

This error Agent bad web cert hash is because the MeshAgent is connecting to a server with a different TLS certificate from your server certificate. This should be a security problem where someone is trying to do a "man-in-the-middle" attack or you did not setup your reverse-proxy correctly.

If you have a reverse proxy, look at this video on how to set it up correctly https://www.youtube.com/watch?v=YSmiLyKSX2I.

You can also add this line in the setting section of the config.json:

"ignoreagenthashcheck": true

This may fix the problem, but this is not secure. Let me know if that helps.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/2920#issuecomment-882662203, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQ4CEBV563IMPLVVSAO32E3TYRDIHANCNFSM5ASA27WA .

nagainfotech commented 3 years ago

Hi Ylian

can you please help me resolve the below issue

@.***:/home/yash# (wget " https://remote.nagainfotech.com:8086/meshagents?script=1" --no-check-certificate -O ./meshinstall.sh || wget " https://remote.nagainfotech.com:8086/meshagents?script=1" --no-proxy --no-check-certificate -O ./meshinstall.sh) && chmod 755 ./meshinstall.sh && sudo -E ./meshinstall.sh https://remote.nagainfotech.com:8086 'hMftvnKZTLHQph2RI7C7x6XfQ0BVz7rdPygzUx@$HuATN7CAsKtcfSnRd$jvWz3f' || ./meshinstall.sh https://remote.nagainfotech.com:8086 'hMftvnKZTLHQph2RI7C7x6XfQ0BVz7rdPygzUx@$HuATN7CAsKtcfSnRd$jvWz3f' --2021-07-28 22:23:53-- https://remote.nagainfotech.com:8086/meshagents?script=1 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:8086... connected. WARNING: cannot verify remote.nagainfotech.com's certificate, issued by 'C=unknown,O=unknown,CN=MeshCentralRoot-a54d03’: Unable to locally verify the issuer's authority. HTTP request sent, awaiting response... 200 OK Length: 5466 (5.3K) [application/octet-stream] Saving to: './meshinstall.sh’

./meshinstall.sh 100%[===================>] 5.34K --.-KB/s in 0s

2021-07-28 22:23:53 (417 MB/s) - './meshinstall.sh’ saved [5466/5466]

Downloading agent #6... --2021-07-28 22:23:53-- https://remote.nagainfotech.com:8086/meshagents?id=6 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:8086... connected. ERROR: cannot verify remote.nagainfotech.com's certificate, issued by 'C=unknown,O=unknown,CN=MeshCentralRoot-a54d03’: Unable to locally verify the issuer's authority. To connect to remote.nagainfotech.com insecurely, use `--no-check-certificate'. % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. URL transformed to HTTPS due to an HSTS policy --2021-07-28 22:23:54-- https://remote.nagainfotech.com:8086/meshagents?id=6 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:8086... connected. ERROR: cannot verify remote.nagainfotech.com's certificate, issued by 'C=unknown,O=unknown,CN=MeshCentralRoot-a54d03’: Unable to locally verify the issuer's authority. To connect to remote.nagainfotech.com insecurely, use `--no-check-certificate'. % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (52) Empty reply from server Unable to download agent at: http://remote.nagainfotech.com:8086/meshagents?id=6. @.***:/home/yash#

Kind Regards, Santosh T NagaInfoTech http://www.nagainfotech.com

On Sun, Jul 25, 2021 at 10:21 PM @. @.> wrote:

i logged in as sudo su root admin and ran the script again and below is what i get:

@.***:/home/yash# (wget " https://remote.nagainfotech.com/meshagents?script=1" --no-check-certificate -O ./meshinstall.sh || wget " https://remote.nagainfotech.com/meshagents?script=1" --no-proxy --no-check-certificate -O ./meshinstall.sh) && chmod 755 ./meshinstall.sh && sudo -E ./meshinstall.sh https://remote.nagainfotech.com '0ixMYU5KoII5hbz1gkXmg0nhm7KoUW@$OKF9$6DAaYAiHhHODYXV5z9wJv$1rG$3' || ./meshinstall.sh https://remote.nagainfotech.com '0ixMYU5KoII5hbz1gkXmg0nhm7KoUW@$OKF9$6DAaYAiHhHODYXV5z9wJv$1rG$3' --2021-07-25 22:18:39-- https://remote.nagainfotech.com/meshagents?script=1 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 5466 (5.3K) [application/octet-stream] Saving to: './meshinstall.sh’

./meshinstall.sh 100%[===================>] 5.34K --.-KB/s in 0s

2021-07-25 22:18:39 (153 MB/s) - './meshinstall.sh’ saved [5466/5466]

Downloading agent #6... --2021-07-25 22:18:39-- https://remote.nagainfotech.com/meshagents?id=6 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 3638608 (3.5M) [application/octet-stream] Saving to: './meshagent’

./meshagent 100%[===================>] 3.47M 2.86MB/s in 1.2s

2021-07-25 22:18:41 (2.86 MB/s) - './meshagent’ saved [3638608/3638608]

Agent downloaded. --2021-07-25 22:18:41-- https://remote.nagainfotech.com/meshsettings?id=0ixMYU5KoII5hbz1gkXmg0nhm7KoUW@$OKF9$6DAaYAiHhHODYXV5z9wJv$1rG$3 Resolving remote.nagainfotech.com (remote.nagainfotech.com)... 45.124.53.150 Connecting to remote.nagainfotech.com (remote.nagainfotech.com)|45.124.53.150|:443... connected. HTTP request sent, awaiting response... 401 Unauthorized

Username/Password Authentication Failed. % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 12 100 12 0 0 62 0 --:--:-- --:--:-- --:--:-- 62 ...Checking for previous installation of "meshagent" [FOUND: /usr/local/mesh_services/meshagent/meshagent] -> Stopping Service... [STOPPED] -> Uninstalling previous installation... [DONE] -> Checking for secondary agent... [NONE] ...Installing service [DONE] -> Starting service... [OK] @.***:/home/yash#

Kind Regards, Santosh T NagaInfoTech http://www.nagainfotech.com

On Sun, Jul 25, 2021 at 5:04 PM @. @.> wrote:

Hi Ylian,

I have wiped my VPS server and restarted and successfully installed the meshcentral server now. i created group called Santosh Home and downloaded linux script and ran on my ubuntu laptop and getting error as below:

[image: image.png] Kind Regards, Santosh T NagaInfoTech http://www.nagainfotech.com

On Tue, Jul 20, 2021 at 1:55 AM Ylian Saint-Hilaire < @.***> wrote:

This error Agent bad web cert hash is because the MeshAgent is connecting to a server with a different TLS certificate from your server certificate. This should be a security problem where someone is trying to do a "man-in-the-middle" attack or you did not setup your reverse-proxy correctly.

If you have a reverse proxy, look at this video on how to set it up correctly https://www.youtube.com/watch?v=YSmiLyKSX2I.

You can also add this line in the setting section of the config.json:

"ignoreagenthashcheck": true

This may fix the problem, but this is not secure. Let me know if that helps.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/2920#issuecomment-882662203, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQ4CEBV563IMPLVVSAO32E3TYRDIHANCNFSM5ASA27WA .