gistfile1.txt

rho is a ssh based network inventory tool. It is used to scan a range of
machines, and report basic information about the os installed on them. 


* Assumptions:
- it runs on a "Red Hat" ish machine (RHEL, Fedora)
- The machine rho can reach the machines to be scanned
- The machines to be scanned are running ssh
- The user account rho uses for a machine should have a sh like shell
- The user account rho uses has permission need to run commands and
  read files (aka, not a /bin/login or /bin/false shell)
- The machine running rho has all the needed deps (python,python-paramiko,
  python-netaddr, python-crypto, python-simplejson)


* Report format

Rho supports producing a report format in csv format. The format
at this point is:

ip,port,uname.os,uname.kernel,uname.processor,uname.hardware_platform,redhat-release.name,redhat-release.version,redhat-release.release,systemid.system_id,systemid.username,instnum.instnum,etc-release.etc-release,cpu.count,cpu.vendor_id,cpu.model_name,auth.type,auth.username,auth.name,error

But the format may change. A slightly more detailed info about what those
fields me can be shown with "rho scan --show-fields". Current versions will
show:

auth.name:name of authentication class
auth.type:type of ssh authentication used
auth.username:username ssh
cpu.bogomips:bogomips
cpu.count:number of processors
cpu.cpu_family:cpu family
cpu.model_name:name of cpu model
cpu.model_ver:cpu model version
cpu.vendor_id:cpu vendor name
error:any errors that are found
etc-issue.etc-issue:contents of /etc/issue
etc-release.etc-release:contents of /etc/release (or equilivent)
instnum.instnum:installation number
ip:ip address
port:ssh port
redhat-release.name:name of package that provides 'redhat-release'
redhat-release.release:release of package that provides 'redhat-release'
redhat-release.version:version of package that provides 'redhat-release'
systemid.system_id:Red Hat Network system id
systemid.username:Red Hat Network username
uname.all:uname -a (all)
uname.hardware_platform:uname -i (hardware_platform)
uname.hostname:uname -n (hostname)
uname.kernel:uname -r (kernel)
uname.os:uname -s (os)
uname.processor:uname -p (processor)

* Rho config

Rho stores it's configuration in ~/.rho.conf. The format is a json
file, encrypted with AES-128. 

Config items inclue "auth" and "profile" types. Auth types are
a way to authenticate to ssh. This can be a username and password
or a username and ssh key (and/or, a ssh key passphrase). 

Profile types are classed of hosts to scan. A "profile" type includes
a list of auth types to use, a list of ssh ports, and a list of ip
address ranges to scan. 

IP ranges can take several forms. Some examples include
10.0.0.1     (plain ip)
foo.example.com  (hostname, note names are resolved at when the scan is ran)
10.0.0.1/24	(cidr style ranges)
10.0.0.1 - 10.0.0.200   (dash seperated names [current, the spaces are
required)
10.0.0.1,10.0.0.2   (comma seperated list of ip address)
foo.example.com,10.0.0.2    (any of the above forms, comma seperated)
10.0.0.*        (wildcard ip's, note wildcard hostname are not supported)

A profile can include a list of ranges, and each range can be 1 or more
address. Rho will take the set of all address in all the ranges listed. 

ssh port numbers are just a list of ports to try to find ssh on. The
default is 22 if unspecified. The ports will be tried in the order they
are listed in the list. 

        
* rho auth

Auth types are added with "rho auth add". A name must be specified, as
well as a username. If no ssh key is provided, the user will be prompted
for the password for the username. If a ssh key is provided, the user
will be prompted for a