Bug 456243

Summary: Monitoring Probe fails when using port 22 ssh and a banner
Product: [Community] Spacewalk Reporter: Miroslav Suchý <msuchy>
Component: ServerAssignee: Miroslav Suchý <msuchy>
Status: CLOSED CURRENTRELEASE QA Contact: Jesus M. Rodriguez <jesusr>
Severity: medium Docs Contact:
Priority: medium    
Version: 0.1CC: bperkins, cperry, jesusr, mzazrivec, tao
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-02-24 20:49:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 456553    

Description Miroslav Suchý 2008-07-22 13:40:07 UTC 
+++ This bug was initially created as a clone of Bug #227883 +++

When one is using port 22 ssh and not the rhnmd program on port 4545 and when he
sets ssh to use a banner, the probes stop working.  As soon as he disables the
banner, they start working again.

I tried this with a banner of just "hello" and this was the probe status string
I got:


The RHN Monitoring Daemon (RHNMD) is not responding: hello
. Please make sure the daemon is running and the host is accessible from the
monitoring scout. Command was: /usr/bin/ssh -l user -p 22 -i
/home/nocpulse/.ssh/nocpulse-identity -o StrictHostKeyChecking=no -o
BatchMode=yes 192.168.0.10 /bin/sh -s


Steps to reproduce problem:

1.  Set up monitoring on a client and get it working on port 22 using normal sshd
2.  Enable ssh banner using the Banner option in /etc/ssh/sshd_config

We can either call ssh with -q. Or we can utilize ignore_connect_error_regex
command to ignore banner. I think the second is right way.
Comment 1 Miroslav Suchý 2008-07-29 10:59:37 UTC 
I set up new option for probes which utilize ssh (or rhnmd) and user can say how
much lines the banner will have.
I did not allow user to say regexp of the banner since he can then enter some
malicious code into regxep.
Commited to git (rev. 49aa368ac63823a99b377b2a7dcb3497b0723de7)
Agrh... forgot to add string for translation - commit
94469e3278048023d3aa5ec983ab3c5ba1739643
Comment 3 Milan Zázrivec 2008-11-05 13:56:54 UTC 
Right now I'm unable to activate monitoring on installed Spacewalk 0.3 --
I'm moving verification of this bug to Spacewalk 0.4.