| 1 |
<module> |
|---|
| 2 |
<name>ssh2</name> |
|---|
| 3 |
<description><para>The ssh2 module allows reconnoiter to connect to servers over ssh protocol 2 and test the fingerprint.</para></description> |
|---|
| 4 |
<loader>C</loader> |
|---|
| 5 |
<image>ssh2.so</image> |
|---|
| 6 |
<moduleconfig /> |
|---|
| 7 |
<checkconfig> |
|---|
| 8 |
<parameter name="port" |
|---|
| 9 |
required="optional" |
|---|
| 10 |
default="22" |
|---|
| 11 |
allowed="\d+">The TCP port on which the remote server's ssh service is running.</parameter> |
|---|
| 12 |
<parameter name="method_kex" |
|---|
| 13 |
required="optional" |
|---|
| 14 |
default="" |
|---|
| 15 |
allowed="^diffie-hellman-(?:group1-sha1|group14-sha1|group-exchange-sha1)$">The key exchange method to use.</parameter> |
|---|
| 16 |
<parameter name="method_hostkey" |
|---|
| 17 |
required="optional" |
|---|
| 18 |
default="" |
|---|
| 19 |
allowed="^(?:ssh-dss|ssh-rsa)$">The host key algorithm supported.</parameter> |
|---|
| 20 |
<parameter name="method_crypt_cs" |
|---|
| 21 |
required="optional" |
|---|
| 22 |
default="" |
|---|
| 23 |
allowed="^(?:aes256-cbc|aes192-cbc|aes128-cbc|blowfish-cbc|arcfour|cast128-cbc|3des-cbc|none)$">The encryption algorithm used from client to server.</parameter> |
|---|
| 24 |
<parameter name="method_crypt_sc" |
|---|
| 25 |
required="optional" |
|---|
| 26 |
default="" |
|---|
| 27 |
allowed="^(?:aes256-cbc|aes192-cbc|aes128-cbc|blowfish-cbc|arcfour|cast128-cbc|3des-cbc|none)$">The encryption algorithm used from server to client.</parameter> |
|---|
| 28 |
<parameter name="method_mac_cs" |
|---|
| 29 |
required="optional" |
|---|
| 30 |
default="" |
|---|
| 31 |
allowed="^(?:hmac-sha1|hmac-sha1-96|hmac-md5|hmac-md5-96|hmac-ripemd160|none)$">The message authentication code algorithm used from client to server.</parameter> |
|---|
| 32 |
<parameter name="method_mac_sc" |
|---|
| 33 |
required="optional" |
|---|
| 34 |
default="" |
|---|
| 35 |
allowed="^(?:hmac-sha1|hmac-sha1-96|hmac-md5|hmac-md5-96|hmac-ripemd160|none)$">The message authentication code algorithm used from server to client.</parameter> |
|---|
| 36 |
<parameter name="method_comp_cs" |
|---|
| 37 |
required="optional" |
|---|
| 38 |
default="none" |
|---|
| 39 |
allowed="^(?:zlib|none)$">The compress algorithm used from client to server.</parameter> |
|---|
| 40 |
<parameter name="method_comp_sc" |
|---|
| 41 |
required="optional" |
|---|
| 42 |
default="none" |
|---|
| 43 |
allowed="^(?:zlib|none)$">The compress algorithm used from server to client.</parameter> |
|---|
| 44 |
</checkconfig> |
|---|
| 45 |
<examples> |
|---|
| 46 |
<example> |
|---|
| 47 |
<title>Simple ssh polling of 4 machines</title> |
|---|
| 48 |
<para>The following checks ssh on 10.1.2.{3,4,5,6}</para> |
|---|
| 49 |
<programlisting><![CDATA[ |
|---|
| 50 |
<noit> |
|---|
| 51 |
<modules> |
|---|
| 52 |
<module image="ssh2" name="ssh2"/> |
|---|
| 53 |
</modules> |
|---|
| 54 |
<checks> |
|---|
| 55 |
<ssh module="ssh2"> |
|---|
| 56 |
<check uuid="1cddb2a8-76ff-11dd-83c8-f75cb8b93bd9" target="10.1.2.3"/> |
|---|
| 57 |
<check uuid="1dd79110-76ff-11dd-9b54-739adc274a93" target="10.1.2.4"/> |
|---|
| 58 |
<check uuid="4627560a-76ff-11dd-941f-4b75679cb908" target="10.1.2.5"/> |
|---|
| 59 |
<check uuid="4fdcb8de-76ff-11dd-ae16-2740afc178ae" target="10.1.2.6"/> |
|---|
| 60 |
</ssh> |
|---|
| 61 |
</checks> |
|---|
| 62 |
</noit> |
|---|
| 63 |
]]></programlisting> |
|---|
| 64 |
</example> |
|---|
| 65 |
</examples> |
|---|
| 66 |
</module> |
|---|
