[Nagiosplug-devel] [ nagiosplug-Bugs-1180762 ] check_ssh does not properly close connection

SourceForge.net noreply at sourceforge.net
Tue Nov 6 09:13:54 CET 2007


Bugs item #1180762, was opened at 2005-04-11 18:41
Message generated for change (Comment added) made by shattered
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1180762&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: Release (specify)
Status: Closed
Resolution: Wont Fix
Priority: 5
Private: No
Submitted By: M. Sean Finney (seanius)
Assigned to: Thomas Guyot (dermoth)
Summary: check_ssh does not properly close connection

Initial Comment:
with 1.4 and later, it looks like check_ssh doesn't
properly close connections.  for example, this is the
previous behaviour of check_ssh in the 1.3 series:

Apr 11 10:24:03 appsrv1 sshd[9822]: Connection closed
by xxx.xxx.64.52

but in 1.4:

appsrv1 sshd[10154]: fatal: Read from socket failed:
Connection reset by peer

i think this is just because close() isn't being
called.  i will verify this shortly...

----------------------------------------------------------------------

Comment By: Sergey Svishchev (shattered)
Date: 2007-11-06 11:13

Message:
Logged In: YES 
user_id=45207
Originator: NO

I'm using OpenSSH_3.8.1p1 FreeBSD-20060123 (shipped in FreeBSD 5.5) and
can reproduce it at will.

----------------------------------------------------------------------

Comment By: Thomas Guyot (dermoth)
Date: 2007-11-02 15:58

Message:
Logged In: YES 
user_id=375623
Originator: NO

Yes, emias made me realize that on IRC yesterday.

I looked into it and I won't fix this because:

1. I can't reproduce it on OpenSSH, even with DEBUG logging (What SSH
server/version are you using?)

2. There's no simple way to do that. It would at the very least require
implementing the key exchange part of the protocol; I didn't even look
further as this is way beyond the scope of this plugin.

I suggest that you rather look into your SSH daemon or logging daemon
configuration; or get this fixed with your ssh vendor.

----------------------------------------------------------------------

Comment By: Sergey Svishchev (shattered)
Date: 2007-11-02 08:32

Message:
Logged In: YES 
user_id=45207
Originator: NO

It's check_ssh, not check_by_ssh.

----------------------------------------------------------------------

Comment By: Thomas Guyot (dermoth)
Date: 2007-11-02 05:29

Message:
Logged In: YES 
user_id=375623
Originator: NO

There's no close in there, and no signs of seanius's commit. He either
forgot to commit or commited it to the wrong branch...

I'll take a look shortly. Since I never used check_by_ssh it'll help if
you can give me a sample command-ling and what to look for (In logs I
guess), so I won't have to reinvent the wheel :)

Thanks

----------------------------------------------------------------------

Comment By: Sergey Svishchev (shattered)
Date: 2007-10-31 17:34

Message:
Logged In: YES 
user_id=45207
Originator: NO

This is still a problem in 1.4.3 -- evidently, close() is not enough.

----------------------------------------------------------------------

Comment By: M. Sean Finney (seanius)
Date: 2005-04-11 22:07

Message:
Logged In: YES 
user_id=226838

yup, calling close() before exiting resolves this problem,
i've committed a change to cvs

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1180762&group_id=29880




More information about the Devel mailing list