The custom setting _BESRelay_Comm_KeyExchangePassword is not listed when trying to add a new setting from the console. I’ve also gone into /var/opt/BESClient/besclient.config within the Linux Relay and modified the value with the key (password) I want it to be. (Yes, it is ASCCI characters). After restarting the relay service, it reverts back to “”. Any help would be appreciated.
Hi @jknapp221,
First of all, please stop the BES Relay and Client service
/etc/init.d/besrelay stop
/etc/init.d/besclient stop
Make sure the /var/opt/BESClient/besclient.config file is owned by root and are not writable by anyone else.
Edit the besclient.config, make sure the following lines are there and save the changes
[Software\BigFix\EnterpriseClient\Settings\Client\_BESRelay_Comm_Authenticating]
effective date = Wed, 06 Jun 2012 11:00:00 -0700
value = 1
[Software\BigFix\EnterpriseClient\Settings\Client\_BESRelay_Comm_KeyExchangePassword]
effective date = Wed, 06 Jun 2012 11:00:00 -0700
value = SomePasswordOnASCII
start the BES Client and Relay service
/etc/init.d/besrelay start
/etc/init.d/besclient start
Please update 
I ran “ls -l /var/opt/BESClient/besclient.config” and it showed this:
-rw-r–r–. 1 root root 24273 Aug 21 08:54 /var/opt/BESClient/besclient.config
I did these steps:
sudo su
sudo /etc/init.d/besrelay stop
sudo /etc/init.d/besclient stop
sudo nano /var/opt/BESClient/besclient.config
[Software\BigFix\EnterpriseClient\Settings\Client_BESRelay_Comm_Authenticating]
already set.
added a password to _BESRelay_Comm_KeyExchangePassword and modified the effective date to the same as _BESRelay_Comm_Authenticating
CTRL+O CTRL+X
sudo /etc/init.d/besrelay start
sudo /etc/init.d/besclient start
sudo cat /var/opt/BESClient/besclient.config
and the _BESRelay_Comm_KeyExchangePassword shows “” as the value still.
I think it’s working. It’s possible that it wont show the key you’ve entered in the Config file and only display “” as the value for security purposes. I install the BigFix client on a machine with the same key under _BESClient_SecureRegistration in the clientsettings.cfg file and it showed up in BigFix. Looked at the logs and it has these listed:
- Sending key exchange request
- Successfully collected client certificate.
2 Likes