[Nagiosplug-devel] [ nagiosplug-Bugs-1252285 ] check_ssh reports critical for some SSH servers
SourceForge.net
noreply at sourceforge.net
Sun Jun 3 19:50:49 CEST 2007
Bugs item #1252285, was opened at 2005-08-05 01:59
Message generated for change (Settings changed) made by psychotrahe
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1252285&group_id=29880
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Interface (example)
Group: Release (specify)
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: TexasDavid (daupperle)
>Assigned to: Matthias Eble (psychotrahe)
Summary: check_ssh reports critical for some SSH servers
Initial Comment:
The check_ssh plugin reports STATE_CRITICAL for
certain SSH servers. As a result some valid SSH
servers are reported down. For example, the following
is a valid response for a working SSH server:
sshd2: SSH Secure Shell 2.4.0 (non-commercial
version) on hppa2.0n-hp-hpux11.00
The problem lies on line 216 of check_ssh.c (Version
1.27). THe function strncmp should be replaced with
strncasecmp. Note: this change will not return the
version properly, but it will return the state information.
The following changes will properly evaluate the above
SSH server in more detail and probably should be
applied to the patch.
216c216
< if (strncmp (output, "SSH", 3)) {
---
> if (strncasecmp (output, "SSH", 3)) {
224,227c224,237
< ssh_proto = output + 4;
< ssh_server = ssh_proto + strspn
(ssh_proto, "-0123456789. ");
< ssh_proto[strspn
(ssh_proto, "0123456789. ")] = 0;
<
---
> if (strncmp(output,"sshd2",5)==0) {
> // Output(one line): sshd2: SSH Secure
> // Shell 2.4.0 (non-commercial version)
> // on hppa2.0n-hp-hpux11.00
> ssh_server = output + 7;
> ssh_server[strcspn
(ssh_server, "0123456789")-1] = 0;
> ssh_proto = ssh_server + strlen
(ssh_server)+1;
> ssh_proto[strspn
(ssh_proto, "0123456789. ")] = 0;
> }
> else { // Standard servers
> ssh_proto = output + 4;
> ssh_server = ssh_proto + strspn
(ssh_proto, "-0123456789. ");
> ssh_proto[strspn
(ssh_proto, "0123456789. ")] = 0;
> }
----------------------------------------------------------------------
Comment By: Matthias Eble (psychotrahe)
Date: 2007-06-03 19:49
Message:
Logged In: YES
user_id=1694341
Originator: NO
Hi David,
I looked at the rfc (http://tools.ietf.org/html/rfc4253#section-4.2) and
this claims that
there must be a line like SSH-... but there MAY be other lines before that
one that specifies the version.
could you send the whole text the server offers (eg using netcat 127.0.0.1
22)?
The patch you specified is a bit too specific to me.
Matthias
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1252285&group_id=29880
More information about the Devel
mailing list