Re: [opennms-bugs] Bug 782

[Tarus B. <ta...@bl...>]

On Mar 9, 2004, at 9:30 AM, Derek Chen-Becker wrote:

> Hi,
>     I was looking at bug 782 and I think there may be a better way to  
> poll SSH. I guess the issue is how far do we want to test the SSH  
> connection. I looked at the code for SshMonitor and I think there are  
> two issues:
>
> 1. We send an invalid client ID string (1.99 is only to be used by the  
> server)
> 2. We don't need to send the ID string at all unless we want to move  
> forward with key exchanges.
>
> I think if we remove the code for us sending the banner that would be  
> sufficient to test that the daemon is responsive. The only reason to  
> send the banner is if we would want to test key exchanges, auth, etc,  
> and that would involve creating or finding a java SSH library. Another  
> possible change is that the default port is -1 instead of 22 and we  
> may want to change the code to actually parse the returned banner  
> instead of just doing a pattern match.

The SSH monitor was originally written to prevent log messages from  
being sent to syslog. Sending the version seemed to fix the log issue,  
but then created the problem of the ssh daemon hanging.

If you could shed some like on the ssh protocol - I need something  
simple that we can connect to port 22 and then get out without causing  
sshd any grief and not generating any warning/error logs.

-T
________________________________________________________________________ 
___
Tarus Balog							Main:		+1 919 545 2553
Blast Internet Services, Inc.			Fax:			+1 503-961-7746
Email: ta...@bl...					URL: http://www2.blast.com/tarus
PGP Key Fingerprint: 8945 8521 9771 FEC9 5481  512B FECA 11D2 FD82 B45C