[hobbit] need help in monitoring edmz client

Hi,

Thanks very much for that. I’ll have a look at it and see if I can get it work.

Regards,

Johan

From: Lennon, Padraig [mailto:Padraig.Lennon at pioneerinvestments.com] Sent: 14 August 2008 17:05 To: hobbit at hswn.dk Subject: RE: [hobbit] need help in monitoring edmz client

Not sure if this is of any use to you Johan..

I have a server side script which controls the ssh tunnels to my windows/*nix clients which are in the DMZ

Basically it requires that you put a tag at the end of the client name in bb-hosts called ssh-tunnel

Its hardly a work of art but it works ok for us.. If it sees the connection is down it will warn and continue to retry the connection..

Hope this helps..

regards

Padraig Lennon

Senior Systems Engineer

Production Services

Pioneer Global Investments (Dublin)

5th Floor Georges Quay Plaza, Dublin 2

ext: 2081

Direct dial: 00353 1 480 2081

From: Johan Booysen [mailto:johan at matrix-data.co.uk] Sent: 14 August 2008 16:57 To: hobbit at hswn.dk Subject: RE: [hobbit] need help in monitoring edmz client

I want to be able to monitor 2 hosts in the dmz.

Having su -c "ssh hobbit at hobbitclient -T -n -N -g -x -R1984:127.0.0.1:1984" hobbit in /etc/rc.local seems to work for the first host. I added a second line like that for a second host, but it doesn’t work for the second host unless I execute the command manually – at which point both dmz hosts report back.

Does anyone know why this is happening and how I can get it to work?

Thanks.

From: Johan Booysen [mailto:johan at matrix-data.co.uk] Sent: 14 August 2008 14:02 To: hobbit at hswn.dk Subject: RE: [hobbit] need help in monitoring edmz client

This works for me (RHEL5 machines), if it helps anyone else. Any comments most welcome:

Create the .ssh folder (on both the hobbit server and the hobbit client) in /var/lib/hobbit as root, chown it to hobbit:hobbit, and chmod it to 700.

On the hobbit server, now as the hobbit user:

Generate a private/public keypair with an empty password:

$ pwd

/var/lib/hobbit

$ ssh-keygen -t dsa

Copy the generated public key to the hobbit client:

$ scp .ssh/id_dsa.pub hobbit at hobbitclient:/var/lib/hobbit

On the hobbit client:

Rename the public key:

$ mv id_dsa.pub authorized_keys

Copy the authorized_keys file to the user’s .ssh directory.

$ mv authorized_keys .ssh/

Check that the authorized_keys file has the following permissions:

-rw-r--r-- 1 hobbit hobbit 603 Aug 14 12:16 authorized_keys