Troubleshooting Introduction
It is highly recommended to test SSH access and operation prior to issuing a Discovery scan, to ensure that the hosts are configured correctly for the SSH Collection Module. This can be performed from the SSH credentials section on the RN150 Virtual Appliance, which will validate the ability of the RN150 Virtual Appliance to connect to the target hosts at the network level, and will test the native operation of the SSH Collection Module. However, it may be desired to perform more manual tests from another host in the environment to enable the debugging options in SSH for deeper analysis.
Testing from the RN150 Virtual Appliance is covered above in the credential entry sections. This section will cover the manual tests that can be performed for deeper analysis of the configuration.
To test SSH access to a target host, first sign in to another host in the environment that provides an SSH client. This will be referred to as the "local" host, while the host that is being connected to is referred to as the "target". In the following examples, the target is assumed to have an IP address of 10.0.0.2, and the username of the account we are connecting to is "risc".
The general structure of the SSH command, in manpage format, is as follows:
ssh [flags] [authentication-flags] <username>@<host-IP> "<command>"
A breakdown of this command is as follows:
|
Component |
Format |
Description |
|
ssh |
literal |
The SSH client binary |
|
[flags] |
optional |
General flags to control the SSH client behavior |
|
[authentication-flags] |
optional |
Controls explicit authentication behavior |
|
<username> |
replace |
The username of the account we are connecting with |
|
<host-IP> |
replace |
The IP address of the target host |
|
"<command>" |
replace |
The command to issue on the target host, contained in single or double quotes |