[Nagiosplug-devel] [ nagiosplug-Bugs-1252285 ] check_ssh reports critical for some SSH servers
SourceForge.net
noreply at sourceforge.net
Tue Jun 26 04:20:03 CEST 2007
Bugs item #1252285, was opened at 2005-08-04 16:59
Message generated for change (Comment added) made by sf-robot
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1252285&group_id=29880
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Interface (example)
Group: Release (specify)
>Status: Closed
Resolution: None
Priority: 5
Private: No
Submitted By: TexasDavid (daupperle)
Assigned to: Matthias Eble (psychotrahe)
Summary: check_ssh reports critical for some SSH servers
Initial Comment:
The check_ssh plugin reports STATE_CRITICAL for
certain SSH servers. As a result some valid SSH
servers are reported down. For example, the following
is a valid response for a working SSH server:
sshd2: SSH Secure Shell 2.4.0 (non-commercial
version) on hppa2.0n-hp-hpux11.00
The problem lies on line 216 of check_ssh.c (Version
1.27). THe function strncmp should be replaced with
strncasecmp. Note: this change will not return the
version properly, but it will return the state information.
The following changes will properly evaluate the above
SSH server in more detail and probably should be
applied to the patch.
216c216
< if (strncmp (output, "SSH", 3)) {
---
> if (strncasecmp (output, "SSH", 3)) {
224,227c224,237
< ssh_proto = output + 4;
< ssh_server = ssh_proto + strspn
(ssh_proto, "-0123456789. ");
< ssh_proto[strspn
(ssh_proto, "0123456789. ")] = 0;
<
---
> if (strncmp(output,"sshd2",5)==0) {
> // Output(one line): sshd2: SSH Secure
> // Shell 2.4.0 (non-commercial version)
> // on hppa2.0n-hp-hpux11.00
> ssh_server = output + 7;
> ssh_server[strcspn
(ssh_server, "0123456789")-1] = 0;
> ssh_proto = ssh_server + strlen
(ssh_server)+1;
> ssh_proto[strspn
(ssh_proto, "0123456789. ")] = 0;
> }
> else { // Standard servers
> ssh_proto = output + 4;
> ssh_server = ssh_proto + strspn
(ssh_proto, "-0123456789. ");
> ssh_proto[strspn
(ssh_proto, "0123456789. ")] = 0;
> }
----------------------------------------------------------------------
>Comment By: SourceForge Robot (sf-robot)
Date: 2007-06-25 19:20
Message:
Logged In: YES
user_id=1312539
Originator: NO
This Tracker item was closed automatically by the system. It was
previously set to a Pending status, and the original submitter
did not respond within 14 days (the time period specified by
the administrator of this Tracker).
----------------------------------------------------------------------
Comment By: Matthias Eble (psychotrahe)
Date: 2007-06-11 01:15
Message:
Logged In: YES
user_id=1694341
Originator: NO
Announced pending state by sending emails to the participants.
----------------------------------------------------------------------
Comment By: Matthias Eble (psychotrahe)
Date: 2007-06-03 10:49
Message:
Logged In: YES
user_id=1694341
Originator: NO
Hi David,
I looked at the rfc (http://tools.ietf.org/html/rfc4253#section-4.2) and
this claims that
there must be a line like SSH-... but there MAY be other lines before that
one that specifies the version.
could you send the whole text the server offers (eg using netcat 127.0.0.1
22)?
The patch you specified is a bit too specific to me.
Matthias
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1252285&group_id=29880
More information about the Devel
mailing list