5.40. ssh2

The ssh2 module allows reconnoiter to connect to servers over ssh protocol 2 and test the fingerprint.

loader

C

image

ssh2.so

5.40.1. Module Configuration

5.40.2. Check Configuration

port
required

optional

default

22

allowed

\d+

The TCP port on which the remote server's ssh service is running.

method_kex
required

optional

default

allowed

^diffie-hellman-(?:group1-sha1|group14-sha1|group-exchange-sha1)$

The key exchange method to use.

method_hostkey
required

optional

default

allowed

^(?:ssh-dss|ssh-rsa)$

The host key algorithm supported.

method_crypt_cs
required

optional

default

allowed

^(?:aes256-ctr|aes192-ctr|aes128-ctr|aes256-cbc|aes192-cbc|aes128-cbc|blowfish-cbc|arcfour128|arcfour|cast128-cbc|3des-cbc|none)$

The encryption algorithm used from client to server.

method_crypt_sc
required

optional

default

allowed

^(?:aes256-ctr|aes192-ctr|aes128-ctr|aes256-cbc|aes192-cbc|aes128-cbc|blowfish-cbc|arcfour128|arcfour|cast128-cbc|3des-cbc|none)$

The encryption algorithm used from server to client.

method_mac_cs
required

optional

default

allowed

^(?:hmac-sha1|hmac-sha1-96|hmac-md5|hmac-md5-96|hmac-ripemd160|none)$

The message authentication code algorithm used from client to server.

method_mac_sc
required

optional

default

allowed

^(?:hmac-sha1|hmac-sha1-96|hmac-md5|hmac-md5-96|hmac-ripemd160|none)$

The message authentication code algorithm used from server to client.

method_comp_cs
required

optional

default

none

allowed

^(?:zlib|none)$

The compress algorithm used from client to server.

method_comp_sc
required

optional

default

none

allowed

^(?:zlib|none)$

The compress algorithm used from server to client.

Example 5.42. Simple ssh polling of 4 machines

The following checks ssh on 10.1.2.{3,4,5,6}

      <noit>
        <modules>
          <module image="ssh2" name="ssh2"/>
        </modules>
        <checks>
          <ssh module="ssh2">
            <check uuid="1cddb2a8-76ff-11dd-83c8-f75cb8b93bd9" target="10.1.2.3"/>
            <check uuid="1dd79110-76ff-11dd-9b54-739adc274a93" target="10.1.2.4"/>
            <check uuid="4627560a-76ff-11dd-941f-4b75679cb908" target="10.1.2.5"/>
            <check uuid="4fdcb8de-76ff-11dd-ae16-2740afc178ae" target="10.1.2.6"/>
          </ssh>
        </checks>
      </noit>