As some may remember from my ldap question (never worked btw - reverted back to htaccess until I can get more time to work on it) I have a RHEL 5.2 server with Xymon 4.3.2 server/client installed.

The server has openssh v 4.3p2 (part of the security app, not separate install).

The problem is the ssh test - when run - it causes a log entry in /var/log/messages on exit:

sshd[#####]: Connection closed by unknown

Did some playing around with the services conf and adding --DNS="IP" in the hobbitserver.conf for the bbtest-net call

Ran the test strings by hand via telnet FQN 22. Pasted the send string in and it sent back all the encryption it can support

As this is testing the ssh, why not specify that the hobbit account should have ssh set up to each client and the server, then test with an actual ssh call:

ssh <server> cat <some known file>

Or just send an ssh -V and parse the string for what you need. (this is known as an ssh exec in the security world) Seems to me that if a server responds to an ssh request properly, then the sshd is running. You could even send ps -ef | grep sshd to see if its running.

To test this way ensures that the protocol is actually usable, not just running. (A really HUGE difference!!!)

Lastly, and best of all - this won't create weird error messages.

In the meantime - any ideas on how to get rid of this error when running the ssh test?

Thanks

Brian

lurch at inorbit.com