[hobbit] Using ssh to retrieve hobbit data
Scott Walters
scott at PacketPushers.com
Wed Jan 4 18:46:50 CET 2006
The script might help ;)
On Wed, 4 Jan 2006, Scott Walters wrote:
>
> > On Tue, Jan 03, 2006 at 02:37:15PM -0500, James B Horwath wrote:
> > > I am converting my BB 19.c system to Hobbit 4.1.2p1. With BB I used to
> > > use ssh to fetch data from remote servers in a DMZ (using the
> > > bb-fetchtab). Can I do this in Hobbit. I have searched the mail archive
> > > and manuals and didn't see the option anywhere.
> >
> > I haven't done this, but off the top of my head it could be done like
> > this:
>
> In these scenarios, I have done a poor mans VPN with SSH instead of
> fetching. Using RSA keys, build a port forward from the BB/hobbit client
> local 1984 to the BB/hobbit server. You then configure the BB/hobbit
> client to use localhost as its BB/hobbit server for communications.
>
> This is "trusted Network' to 'DMZ" security friendly . . .
>
> I then run a monitor on the BB/hobbit server, that attempts to detect the
> VPN, and create if it doesn't exist. The VPN is 'activated' by an "rvs"
> tag in the bb-hosts file. I have had issues with the monitor attempting
> to build multiple tunnels, but haven't pinned it down.
>
> This all presumes the bb/hobbit user on the bb/hobbit server can signing
> via ssh to the bb/hobbit client without passwords (using keys).
>
> Personally, I prefer unencrypted user private keys over HostBased.
>
>
>
--
Scott Walters
-PacketPusher
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rvs.sh
Type: application/x-sh
Size: 818 bytes
Desc:
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20060104/1c7f6370/attachment.sh>
More information about the Xymon
mailing list