Bug 456243 - Monitoring Probe fails when using port 22 ssh and a banner
Summary: Monitoring Probe fails when using port 22 ssh and a banner
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Spacewalk
Classification: Community
Component: Server
Version: 0.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Miroslav Suchý
QA Contact: Jesus M. Rodriguez
URL:
Whiteboard:
Depends On:
Blocks: space05
TreeView+ depends on / blocked
 
Reported: 2008-07-22 13:40 UTC by Miroslav Suchý
Modified: 2009-02-24 20:49 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2009-02-24 20:49:11 UTC
Embargoed:


Attachments (Terms of Use)

Description Miroslav Suchý 2008-07-22 13:40:07 UTC
+++ This bug was initially created as a clone of Bug #227883 +++

When one is using port 22 ssh and not the rhnmd program on port 4545 and when he
sets ssh to use a banner, the probes stop working.  As soon as he disables the
banner, they start working again.

I tried this with a banner of just "hello" and this was the probe status string
I got:


The RHN Monitoring Daemon (RHNMD) is not responding: hello
. Please make sure the daemon is running and the host is accessible from the
monitoring scout. Command was: /usr/bin/ssh -l user -p 22 -i
/home/nocpulse/.ssh/nocpulse-identity -o StrictHostKeyChecking=no -o
BatchMode=yes 192.168.0.10 /bin/sh -s


Steps to reproduce problem:

1.  Set up monitoring on a client and get it working on port 22 using normal sshd
2.  Enable ssh banner using the Banner option in /etc/ssh/sshd_config

We can either call ssh with -q. Or we can utilize ignore_connect_error_regex
command to ignore banner. I think the second is right way.

Comment 1 Miroslav Suchý 2008-07-29 10:59:37 UTC
I set up new option for probes which utilize ssh (or rhnmd) and user can say how
much lines the banner will have.
I did not allow user to say regexp of the banner since he can then enter some
malicious code into regxep.
Commited to git (rev. 49aa368ac63823a99b377b2a7dcb3497b0723de7)
Agrh... forgot to add string for translation - commit
94469e3278048023d3aa5ec983ab3c5ba1739643

Comment 3 Milan Zázrivec 2008-11-05 13:56:54 UTC
Right now I'm unable to activate monitoring on installed Spacewalk 0.3 --
I'm moving verification of this bug to Spacewalk 0.4.


Note You need to log in before you can comment on or make changes to this bug.