[hobbit] RE: [SOLVED][hobbit] sshd notification in syslog
What ever I did this time seem to work.
I used SSH-2.0-Sun_SSH_1.0.1\r\n and this seems to work now.
Thanks
Robert
Robert P. McGraw, Jr. Manager, Computer System EMAIL: rmcgraw at purdue.edu Purdue University ROOM: MATH-807 Department of Mathematics PHONE: (765) 494-6055 150 N. University Street FAX: (419) 821-0540 West Lafayette, IN 47907-2067
-----Original Message----- From: Schwimmer, Eric E *HS [mailto:EES2Y at hscmail.mcc.virginia.edu] Sent: Thursday, March 02, 2006 2:42 PM To: hobbit at hswn.dk Subject: RE: [hobbit] RE: [SOLVED][hobbit] sshd notification in syslog
Hrm, the first string (SSH-2.0-Sun_SSH_1.0.1) should have worked (or at least, it works on my server running the openssh version of sshd).
Have you tried telneting into the port and typing the version number in yourself? If it accepts it, you'll get some crazy diffie-hellman text, otherwise it will spit a protocol mismatch line back at you.
Also, silly question, but did you make sure to include to '\r\n' at the end of the message? If you did, you might want to try messing with that (changing it to just '\r' or '\n') because the protocol error in your syslog looks a little weird (extra newline), so I'm wondering if there isnt something wrong there.
-Eric
-----Original Message----- From: McGraw, Robert P. [mailto:rmcgraw at purdue.edu] Sent: Thursday, March 02, 2006 2:19 PM To: hobbit at hswn.dk Subject: RE: [hobbit] RE: [SOLVED][hobbit] sshd notification in syslog
I am having the same problem and trying to follow your instructions.
I ran
##R##-zorn->[227] ##> ssh -V
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
To get the version number.
I also ran telnet host 22 and got back the following
SSH-2.0-Sun_SSH_1.0.1
I have tried the following
SSH-2.0-Sun_SSH_1.0.1
Sun_SSH_1.1
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
as the version number with no luck.
I keep getting the following message log.
Mar 2 14:03:47 zada.math.purdue.edu sshd[29349]: [ID 800047 auth.info] Bad protocol version identification 'Sun_SSH_1.1
Mar 2 14:03:47 zada.math.purdue.edu ' from 128.210.3.176
The only change in the log message is the version identification string.
How do I find the right version number to use?
Thanks
Robert
Robert P. McGraw, Jr.
Manager, Computer System EMAIL: rmcgraw at purdue.edu
Purdue University ROOM: MATH-807
Department of Mathematics PHONE: (765) 494-6055
150 N. University Street FAX: (419) 821-0540
West Lafayette, IN 47907-2067
From: thomas.seglard.enata at cnp.fr [mailto:thomas.seglard.enata at cnp.fr] Sent: Thursday, March 02, 2006 12:21 PM To: hobbit at hswn.dk Subject: [hobbit] RE: [SOLVED][hobbit] sshd notification in syslog
Thank you !
the second option (the one you preferred) was a good bet ! I added the lines as you indicate and that's solved my problem.
Best regards,
Thomas Seglard
"Schwimmer, Eric E *HS" <EES2Y at hscmail.mcc.virginia.edu> a écrit sur 02/03/2006 17:31:10 :
Three posibilities, off the top of my head:
On the client side:
- Install syslog-ng instead of ksyslogd, and filter on the ip address of your hobbit server.
- Call your logrotate script (assuming you use one) more often, and/or make it compress your old syslog messages.
On the hobbit server side: (this is my preferred option)
- change your bb-services file ($HOBBIT/server/etc/bb-services) so that ssh test sends the version string. I think that will stop your sshd from complaining.
ie.:
[ssh|ssh1|ssh2] send "SSH-2.0-OpenSSH_4.1\r\n" expect "SSH" options banner port 22
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
participants (1)
-
rmcgraw@purdue.edu