13 Mar
2012
13 Mar
'12
4:33 a.m.
On Sat, Mar 10, 2012 at 9:26 AM, Don Kuhlman
- So, is the ssh|ssh1|ssh2 test in protocols.cfg supposed to make the connection to the target host via port 22, then send it that string in red above - "SSH-2.0-OpenSSH_4.1\r\n" ?
Yes.
- If so, why would it send this, as we don't want to tell that to the host do we?
This is how an ssh/sftp client talks to an ssh server. It connects, waits for the SSH-* banner, then sends its own SSH-* banner.
- Then is it expecting the host to reply with only "SSH" or is it looking for anything matching that in the reply?
It looks for a banner that starts with "SSH". It looks only in the banner for this string.
- Is the options banner line supposed to say it's okay to send us all that other stuff back or not?
The "banner" line causes Xymon to log what it receives from the server, but before sending the "send" string. All of the other data should not be logged.
Cheers Jeremy