[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [hobbit] xymon ssh scan

To: hobbit (at) hswn.dk
Subject: Re: [hobbit] xymon ssh scan
From: "Xymon User in Richmond" <hobbit (at) epperson.homelinux.net>
Date: Fri, 11 Jun 2010 12:56:31 -0400
Importance: Normal
References: <1CC2019D6A90EC449020595534777D4F8A6EE21A37 (at) VPEXCH03.purdue.lcl> <201006110835.16511.bgmilne (at) staff.telkomsa.net> <1503724d6f25803abd77252cecb7ff59.squirrel (at) ghost.securenet-server.net> <188e628b1a7613f14709520d2105e012.squirrel (at) epperson.homelinux.net> <AANLkTikZnjgykdVKdEUmVvVLf-OHMCxsScuBG8MM8agV (at) mail.gmail.com>
User-agent: SquirrelMail/1.4.20-1.fc12

On Fri, June 11, 2010 12:41, Ralph Mitchell wrote:
> On Fri, Jun 11, 2010 at 11:21 AM, Xymon User in Richmond <
> hobbit (at) epperson.homelinux.net> wrote:
>
>> On Fri, June 11, 2010 09:30, chap (at) anastigmatix.net wrote:
>>>
>>> - the identity should not be allowed to run arbitrary commands. an
>>> entry in authorized_keys can be limited to running a single fixed
>>> command.
>>>
>>
>> Just give the identity a login shell of /bin/true in /etc/passwd and
>> you won't have to be concerned about commands from a shell at all.
>
>
> You can also use a command such as /bin/hostname - that would give you a
> way to verify you reached the target system.
>

/bin/true will return exit 0.  If you don't get that far, ssh will return
nonzero.

References:
- xymon ssh scan
  - From: McGraw, Robert P
- Re: [hobbit] xymon ssh scan
  - From: Buchan Milne
- Re: [hobbit] xymon ssh scan
  - From: chap
- Re: [hobbit] xymon ssh scan
  - From: Xymon User in Richmond
- Re: [hobbit] xymon ssh scan
  - From: Ralph Mitchell

Prev by Date: Re: [hobbit] xymon ssh scan
Next by Date: Re: [hobbit] Trying to create a graph
Previous by thread: Re: [hobbit] xymon ssh scan
Next by thread: Hobbit falsely shows red alerts periodically
Index(es):
- Date
- Thread