wazuh-packages Changed algorithms to RSA-4096 and SHA-512

Changed algorithms to RSA-4096 and SHA-512

Open CarlosALgit opened this issue 6 months ago • 1 comments

Related issue

https://github.com/wazuh/wazuh-installation-assistant/issues/6

Related issue
https://github.com/wazuh/wazuh-installation-assistant/issues/6

Description

The aim of this PR is to change the algorithms of the Cert Tool to use RSA-4906 and SHA-512

Tests

The tests have been done using the latest pre-release v.4.9.0-alpha3 in the following systems.

[!NOTE] The v4.9.0-alpha3 version has been used instead of version 4.10.0 because threre are no packages builded yet.

Ubuntu 22

Install logs:

root@ip-172-31-43-44:/home/ubuntu/wazuh-packages/unattended_installer# bash wazuh-install.sh -a
02/08/2024 11:17:39 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
02/08/2024 11:17:39 INFO: Verbose logging redirected to /var/log/wazuh-install.log
02/08/2024 11:18:09 INFO: Verifying that your system meets the recommended minimum hardware requirements.
02/08/2024 11:18:16 INFO: Wazuh web interface port will be 443.
02/08/2024 11:18:29 INFO: --- Dependencies ----
02/08/2024 11:18:29 INFO: Installing apt-transport-https.
02/08/2024 11:18:42 INFO: Installing debhelper.
02/08/2024 11:19:32 INFO: Wazuh development repository added.
02/08/2024 11:19:32 INFO: --- Configuration files ---
02/08/2024 11:19:32 INFO: Generating configuration files.
02/08/2024 11:19:33 INFO: Generating the root certificate.
02/08/2024 11:19:34 INFO: Generating Admin certificates.
02/08/2024 11:19:34 INFO: Generating Wazuh indexer certificates.
02/08/2024 11:19:35 INFO: Generating Filebeat certificates.
02/08/2024 11:19:36 INFO: Generating Wazuh dashboard certificates.
02/08/2024 11:19:37 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
02/08/2024 11:19:37 INFO: --- Wazuh indexer ---
02/08/2024 11:19:37 INFO: Starting Wazuh indexer installation.
02/08/2024 11:20:29 INFO: Wazuh indexer installation finished.
02/08/2024 11:20:29 INFO: Wazuh indexer post-install configuration finished.
02/08/2024 11:20:29 INFO: Starting service wazuh-indexer.
02/08/2024 11:20:56 INFO: wazuh-indexer service started.
02/08/2024 11:20:56 INFO: Initializing Wazuh indexer cluster security settings.
02/08/2024 11:21:06 INFO: Wazuh indexer cluster security configuration initialized.
02/08/2024 11:21:06 INFO: Wazuh indexer cluster initialized.
02/08/2024 11:21:06 INFO: --- Wazuh server ---
02/08/2024 11:21:06 INFO: Starting the Wazuh manager installation.
02/08/2024 11:23:17 INFO: Wazuh manager installation finished.
02/08/2024 11:23:17 INFO: Wazuh manager vulnerability detection configuration finished.
02/08/2024 11:23:17 INFO: Starting service wazuh-manager.
02/08/2024 11:23:42 INFO: wazuh-manager service started.
02/08/2024 11:23:42 INFO: Starting Filebeat installation.
02/08/2024 11:24:07 INFO: Filebeat installation finished.
02/08/2024 11:24:08 INFO: Filebeat post-install configuration finished.
02/08/2024 11:24:08 INFO: Starting service filebeat.
02/08/2024 11:24:10 INFO: filebeat service started.
02/08/2024 11:24:10 INFO: --- Wazuh dashboard ---
02/08/2024 11:24:10 INFO: Starting Wazuh dashboard installation.
02/08/2024 11:27:20 INFO: Wazuh dashboard installation finished.
02/08/2024 11:27:20 INFO: Wazuh dashboard post-install configuration finished.
02/08/2024 11:27:20 INFO: Starting service wazuh-dashboard.
02/08/2024 11:27:20 INFO: wazuh-dashboard service started.
02/08/2024 11:27:23 INFO: Updating the internal users.
02/08/2024 11:27:32 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
02/08/2024 11:27:51 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
02/08/2024 11:28:35 INFO: Initializing Wazuh dashboard web application.
02/08/2024 11:28:35 INFO: Wazuh dashboard web application not yet initialized. Waiting...
02/08/2024 11:28:50 INFO: Wazuh dashboard web application not yet initialized. Waiting...
02/08/2024 11:29:05 INFO: Wazuh dashboard web application initialized.
02/08/2024 11:29:05 INFO: --- Summary ---
02/08/2024 11:29:05 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: 9ObZBU?cF7maxkRWqlwENy8nSEUKuhol
02/08/2024 11:29:05 INFO: Installation finished.

Dashboard screenshots:

Dashboard landing:

imagen

Discover page:

imagen

Indexes page:

imagen

RHEL 9

Install logs:

[root@ip-172-31-36-23 unattended_installer]# bash wazuh-install.sh -a
02/08/2024 11:17:46 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
02/08/2024 11:17:46 INFO: Verbose logging redirected to /var/log/wazuh-install.log
02/08/2024 11:17:47 INFO: Verifying that your system meets the recommended minimum hardware requirements.
02/08/2024 11:17:48 INFO: Wazuh web interface port will be 443.
02/08/2024 11:17:48 INFO: --- Dependencies ---
02/08/2024 11:17:48 INFO: Installing lsof.
02/08/2024 11:18:17 INFO: Wazuh development repository added.
02/08/2024 11:18:17 INFO: --- Configuration files ---
02/08/2024 11:18:17 INFO: Generating configuration files.
02/08/2024 11:18:17 INFO: Generating the root certificate.
02/08/2024 11:18:18 INFO: Generating Admin certificates.
02/08/2024 11:18:19 INFO: Generating Wazuh indexer certificates.
02/08/2024 11:18:20 INFO: Generating Filebeat certificates.
02/08/2024 11:18:20 INFO: Generating Wazuh dashboard certificates.
02/08/2024 11:18:21 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
02/08/2024 11:18:21 INFO: --- Wazuh indexer ---
02/08/2024 11:18:21 INFO: Starting Wazuh indexer installation.
02/08/2024 11:19:21 INFO: Wazuh indexer installation finished.
02/08/2024 11:19:21 INFO: Wazuh indexer post-install configuration finished.
02/08/2024 11:19:21 INFO: Starting service wazuh-indexer.
02/08/2024 11:19:45 INFO: wazuh-indexer service started.
02/08/2024 11:19:45 INFO: Initializing Wazuh indexer cluster security settings.
02/08/2024 11:19:53 INFO: Wazuh indexer cluster security configuration initialized.
02/08/2024 11:19:53 INFO: Wazuh indexer cluster initialized.
02/08/2024 11:19:53 INFO: --- Wazuh server ---
02/08/2024 11:19:53 INFO: Starting the Wazuh manager installation.
02/08/2024 11:21:26 INFO: Wazuh manager installation finished.
02/08/2024 11:21:26 INFO: Wazuh manager vulnerability detection configuration finished.
02/08/2024 11:21:26 INFO: Starting service wazuh-manager.
02/08/2024 11:21:46 INFO: wazuh-manager service started.
02/08/2024 11:21:46 INFO: Starting Filebeat installation.
02/08/2024 11:23:03 INFO: Filebeat installation finished.
02/08/2024 11:23:05 INFO: Filebeat post-install configuration finished.
02/08/2024 11:23:05 INFO: Starting service filebeat.
02/08/2024 11:23:06 INFO: filebeat service started.
02/08/2024 11:23:06 INFO: --- Wazuh dashboard ---
02/08/2024 11:23:06 INFO: Starting Wazuh dashboard installation.
02/08/2024 11:25:30 INFO: Wazuh dashboard installation finished.
02/08/2024 11:25:30 INFO: Wazuh dashboard post-install configuration finished.
02/08/2024 11:25:30 INFO: Starting service wazuh-dashboard.
02/08/2024 11:25:31 INFO: wazuh-dashboard service started.
02/08/2024 11:25:31 INFO: Updating the internal users.
02/08/2024 11:25:39 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
02/08/2024 11:25:56 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
02/08/2024 11:26:40 INFO: Initializing Wazuh dashboard web application.
02/08/2024 11:26:40 INFO: Wazuh dashboard web application not yet initialized. Waiting...
02/08/2024 11:26:57 INFO: Wazuh dashboard web application not yet initialized. Waiting...
02/08/2024 11:27:12 INFO: Wazuh dashboard web application initialized.
02/08/2024 11:27:12 INFO: --- Summary ---
02/08/2024 11:27:12 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: TL.2rA6*4Huamg5MDA8hGv6TJlu+XBG+
02/08/2024 11:27:12 INFO: --- Dependencies ---
02/08/2024 11:27:12 INFO: Removing lsof.
02/08/2024 11:27:14 INFO: Installation finished.

Dashboard screenshots:

Dashboard landing:

imagen

Discover page:

imagen

Indexes page:

imagen

CentOS 7

Install logs:

[root@ip-172-31-34-206 unattended_installer]# bash wazuh-install.sh -a
02/08/2024 11:17:50 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
02/08/2024 11:17:50 INFO: Verbose logging redirected to /var/log/wazuh-install.log
02/08/2024 11:17:51 INFO: Verifying that your system meets the recommended minimum hardware requirements.
02/08/2024 11:17:51 INFO: Wazuh web interface port will be 443.
02/08/2024 11:17:51 INFO: --- Dependencies ---
02/08/2024 11:17:51 INFO: Installing lsof.
02/08/2024 11:17:56 INFO: Wazuh development repository added.
02/08/2024 11:17:56 INFO: --- Configuration files ---
02/08/2024 11:17:56 INFO: Generating configuration files.
02/08/2024 11:17:56 INFO: Generating the root certificate.
02/08/2024 11:17:57 INFO: Generating Admin certificates.
02/08/2024 11:17:57 INFO: Generating Wazuh indexer certificates.
02/08/2024 11:17:57 INFO: Generating Filebeat certificates.
02/08/2024 11:17:57 INFO: Generating Wazuh dashboard certificates.
02/08/2024 11:17:58 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
02/08/2024 11:17:58 INFO: --- Wazuh indexer ---
02/08/2024 11:17:58 INFO: Starting Wazuh indexer installation.
02/08/2024 11:18:41 INFO: Wazuh indexer installation finished.
02/08/2024 11:18:41 INFO: Wazuh indexer post-install configuration finished.
02/08/2024 11:18:41 INFO: Starting service wazuh-indexer.
02/08/2024 11:19:06 INFO: wazuh-indexer service started.
02/08/2024 11:19:06 INFO: Initializing Wazuh indexer cluster security settings.
02/08/2024 11:19:14 INFO: Wazuh indexer cluster security configuration initialized.
02/08/2024 11:19:14 INFO: Wazuh indexer cluster initialized.
02/08/2024 11:19:14 INFO: --- Wazuh server ---
02/08/2024 11:19:14 INFO: Starting the Wazuh manager installation.
02/08/2024 11:20:38 INFO: Wazuh manager installation finished.
02/08/2024 11:20:38 INFO: Wazuh manager vulnerability detection configuration finished.
02/08/2024 11:20:38 INFO: Starting service wazuh-manager.
02/08/2024 11:20:57 INFO: wazuh-manager service started.
02/08/2024 11:20:57 INFO: Starting Filebeat installation.
02/08/2024 11:21:08 INFO: Filebeat installation finished.
02/08/2024 11:21:10 INFO: Filebeat post-install configuration finished.
02/08/2024 11:21:10 INFO: Starting service filebeat.
02/08/2024 11:21:10 INFO: filebeat service started.
02/08/2024 11:21:10 INFO: --- Wazuh dashboard ---
02/08/2024 11:21:10 INFO: Starting Wazuh dashboard installation.
02/08/2024 11:24:20 INFO: Wazuh dashboard installation finished.
02/08/2024 11:24:20 INFO: Wazuh dashboard post-install configuration finished.
02/08/2024 11:24:20 INFO: Starting service wazuh-dashboard.
02/08/2024 11:24:20 INFO: wazuh-dashboard service started.
02/08/2024 11:24:21 INFO: Updating the internal users.
02/08/2024 11:24:27 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
02/08/2024 11:24:46 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
02/08/2024 11:25:28 INFO: Initializing Wazuh dashboard web application.
02/08/2024 11:25:29 INFO: Wazuh dashboard web application initialized.
02/08/2024 11:25:29 INFO: --- Summary ---
02/08/2024 11:25:29 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: 05btw+oPjVHIVRci6XTnrOGNi+2l?I8D
02/08/2024 11:25:29 INFO: --- Dependencies ---
02/08/2024 11:25:29 INFO: Removing lsof.
02/08/2024 11:25:31 INFO: Installation finished.

Dashboard screenshots:

Dashboard landing:

imagen

Discover page:

imagen

Indexes page:

imagen

Amazon Linux 2

Install logs:

We performed this change with the 4.8.1 version due to issues with the YUM lock when installing in AL2.

[root@ip-172-31-41-84 unattended_installer]# bash wazuh-install.sh -a
02/08/2024 13:36:47 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.1
02/08/2024 13:36:47 INFO: Verbose logging redirected to /var/log/wazuh-install.log
02/08/2024 13:36:49 INFO: Verifying that your system meets the recommended minimum hardware requirements.
02/08/2024 13:36:55 INFO: Wazuh web interface port will be 443.
02/08/2024 13:36:57 INFO: Wazuh repository added.
02/08/2024 13:36:57 INFO: --- Configuration files ---
02/08/2024 13:36:57 INFO: Generating configuration files.
02/08/2024 13:36:57 INFO: Generating the root certificate.
02/08/2024 13:36:58 INFO: Generating Admin certificates.
02/08/2024 13:36:58 INFO: Generating Wazuh indexer certificates.
02/08/2024 13:36:58 INFO: Generating Filebeat certificates.
02/08/2024 13:36:58 INFO: Generating Wazuh dashboard certificates.
02/08/2024 13:36:58 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
02/08/2024 13:36:59 INFO: --- Wazuh indexer ---
02/08/2024 13:36:59 INFO: Starting Wazuh indexer installation.
02/08/2024 13:38:41 INFO: Wazuh indexer installation finished.
02/08/2024 13:38:41 INFO: Wazuh indexer post-install configuration finished.
02/08/2024 13:38:41 INFO: Starting service wazuh-indexer.
02/08/2024 13:39:05 INFO: wazuh-indexer service started.
02/08/2024 13:39:05 INFO: Initializing Wazuh indexer cluster security settings.
02/08/2024 13:39:16 INFO: Wazuh indexer cluster security configuration initialized.
02/08/2024 13:39:16 INFO: Wazuh indexer cluster initialized.
02/08/2024 13:39:16 INFO: --- Wazuh server ---
02/08/2024 13:39:16 INFO: Starting the Wazuh manager installation.
02/08/2024 13:40:04 INFO: Wazuh manager installation finished.
02/08/2024 13:40:04 INFO: Wazuh manager vulnerability detection configuration finished.
02/08/2024 13:40:04 INFO: Starting service wazuh-manager.
02/08/2024 13:40:22 INFO: wazuh-manager service started.
02/08/2024 13:40:22 INFO: Starting Filebeat installation.
02/08/2024 13:41:12 INFO: Filebeat installation finished.
02/08/2024 13:41:15 INFO: Filebeat post-install configuration finished.
02/08/2024 13:41:15 INFO: Starting service filebeat.
02/08/2024 13:41:16 INFO: filebeat service started.
02/08/2024 13:41:16 INFO: --- Wazuh dashboard ---
02/08/2024 13:41:16 INFO: Starting Wazuh dashboard installation.
02/08/2024 13:42:45 INFO: Wazuh dashboard installation finished.
02/08/2024 13:42:45 INFO: Wazuh dashboard post-install configuration finished.
02/08/2024 13:42:45 INFO: Starting service wazuh-dashboard.
02/08/2024 13:42:46 INFO: wazuh-dashboard service started.
02/08/2024 13:42:50 INFO: Updating the internal users.
02/08/2024 13:42:57 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
02/08/2024 13:43:52 INFO: Initializing Wazuh dashboard web application.
02/08/2024 13:43:53 INFO: Wazuh dashboard web application initialized.
02/08/2024 13:43:53 INFO: --- Summary ---
02/08/2024 13:43:53 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: KKTH?S1McZB3KGHYyt.gFq+i68+uonRa
02/08/2024 13:43:53 INFO: Installation finished.

Dashboard screenshots:

Dashboard landing:

imagen

Discover page:

imagen

Indexes page:

imagen

Aug 02 '24 14:08 CarlosALgit

wazuh-packages wazuh-packages copied to clipboard

Changed algorithms to RSA-4096 and SHA-512

Description

Tests

Ubuntu 22

Dashboard landing:

Discover page:

Indexes page:

RHEL 9

Dashboard landing:

Discover page:

Indexes page:

CentOS 7

Dashboard landing:

Discover page:

Indexes page:

Amazon Linux 2

Dashboard landing:

Discover page:

Indexes page:

wazuh-packages
wazuh-packages copied to clipboard