From: Tarus B. <ta...@bl...> - 2004-03-09 16:43:20
|
On Mar 9, 2004, at 9:30 AM, Derek Chen-Becker wrote: > Hi, > I was looking at bug 782 and I think there may be a better way to > poll SSH. I guess the issue is how far do we want to test the SSH > connection. I looked at the code for SshMonitor and I think there are > two issues: > > 1. We send an invalid client ID string (1.99 is only to be used by the > server) > 2. We don't need to send the ID string at all unless we want to move > forward with key exchanges. > > I think if we remove the code for us sending the banner that would be > sufficient to test that the daemon is responsive. The only reason to > send the banner is if we would want to test key exchanges, auth, etc, > and that would involve creating or finding a java SSH library. Another > possible change is that the default port is -1 instead of 22 and we > may want to change the code to actually parse the returned banner > instead of just doing a pattern match. The SSH monitor was originally written to prevent log messages from being sent to syslog. Sending the version seemed to fix the log issue, but then created the problem of the ssh daemon hanging. If you could shed some like on the ssh protocol - I need something simple that we can connect to port 22 and then get out without causing sshd any grief and not generating any warning/error logs. -T ________________________________________________________________________ ___ Tarus Balog Main: +1 919 545 2553 Blast Internet Services, Inc. Fax: +1 503-961-7746 Email: ta...@bl... URL: http://www2.blast.com/tarus PGP Key Fingerprint: 8945 8521 9771 FEC9 5481 512B FECA 11D2 FD82 B45C |