[hobbit] xymon ssh scan

Xymon User in Richmond hobbit at epperson.homelinux.net
Fri Jun 11 18:56:31 CEST 2010


On Fri, June 11, 2010 12:41, Ralph Mitchell wrote:
> On Fri, Jun 11, 2010 at 11:21 AM, Xymon User in Richmond <
> hobbit at epperson.homelinux.net> wrote:
>
>> On Fri, June 11, 2010 09:30, chap at anastigmatix.net wrote:
>>>
>>> - the identity should not be allowed to run arbitrary commands. an
>>> entry in authorized_keys can be limited to running a single fixed
>>> command.
>>>
>>
>> Just give the identity a login shell of /bin/true in /etc/passwd and
>> you won't have to be concerned about commands from a shell at all.
>
>
> You can also use a command such as /bin/hostname - that would give you a
> way to verify you reached the target system.
>

/bin/true will return exit 0.  If you don't get that far, ssh will return
nonzero.




More information about the Xymon mailing list