forked from circonus-labs/reconnoiter
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ssh2.xml
66 lines (66 loc) · 3.17 KB
/
ssh2.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<module>
<name>ssh2</name>
<description><para>The ssh2 module allows reconnoiter to connect to servers over ssh protocol 2 and test the fingerprint.</para></description>
<loader>C</loader>
<image>ssh2.so</image>
<moduleconfig />
<checkconfig>
<parameter name="port"
required="optional"
default="22"
allowed="\d+">The TCP port on which the remote server's ssh service is running.</parameter>
<parameter name="method_kex"
required="optional"
default=""
allowed="^diffie-hellman-(?:group1-sha1|group14-sha1|group-exchange-sha1)$">The key exchange method to use.</parameter>
<parameter name="method_hostkey"
required="optional"
default=""
allowed="^(?:ssh-dss|ssh-rsa)$">The host key algorithm supported.</parameter>
<parameter name="method_crypt_cs"
required="optional"
default=""
allowed="^(?:aes256-ctr|aes192-ctr|aes128-ctr|aes256-cbc|aes192-cbc|aes128-cbc|blowfish-cbc|arcfour128|arcfour|cast128-cbc|3des-cbc|none)$">The encryption algorithm used from client to server.</parameter>
<parameter name="method_crypt_sc"
required="optional"
default=""
allowed="^(?:aes256-ctr|aes192-ctr|aes128-ctr|aes256-cbc|aes192-cbc|aes128-cbc|blowfish-cbc|arcfour128|arcfour|cast128-cbc|3des-cbc|none)$">The encryption algorithm used from server to client.</parameter>
<parameter name="method_mac_cs"
required="optional"
default=""
allowed="^(?:hmac-sha1|hmac-sha1-96|hmac-md5|hmac-md5-96|hmac-ripemd160|none)$">The message authentication code algorithm used from client to server.</parameter>
<parameter name="method_mac_sc"
required="optional"
default=""
allowed="^(?:hmac-sha1|hmac-sha1-96|hmac-md5|hmac-md5-96|hmac-ripemd160|none)$">The message authentication code algorithm used from server to client.</parameter>
<parameter name="method_comp_cs"
required="optional"
default="none"
allowed="^(?:zlib|none)$">The compress algorithm used from client to server.</parameter>
<parameter name="method_comp_sc"
required="optional"
default="none"
allowed="^(?:zlib|none)$">The compress algorithm used from server to client.</parameter>
</checkconfig>
<examples>
<example>
<title>Simple ssh polling of 4 machines</title>
<para>The following checks ssh on 10.1.2.{3,4,5,6}</para>
<programlisting><![CDATA[
<noit>
<modules>
<module image="ssh2" name="ssh2"/>
</modules>
<checks>
<ssh module="ssh2">
<check uuid="1cddb2a8-76ff-11dd-83c8-f75cb8b93bd9" target="10.1.2.3"/>
<check uuid="1dd79110-76ff-11dd-9b54-739adc274a93" target="10.1.2.4"/>
<check uuid="4627560a-76ff-11dd-941f-4b75679cb908" target="10.1.2.5"/>
<check uuid="4fdcb8de-76ff-11dd-ae16-2740afc178ae" target="10.1.2.6"/>
</ssh>
</checks>
</noit>
]]></programlisting>
</example>
</examples>
</module>