Created
October 27, 2009 17:00
-
-
Save alikins/219727 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rho is a ssh based network inventory tool. It is used to scan a range of | |
machines, and report basic information about the os installed on them. | |
* Assumptions: | |
- it runs on a "Red Hat" ish machine (RHEL, Fedora) | |
- The machine rho can reach the machines to be scanned | |
- The machines to be scanned are running ssh | |
- The user account rho uses for a machine should have a sh like shell | |
- The user account rho uses has permission need to run commands and | |
read files (aka, not a /bin/login or /bin/false shell) | |
- The machine running rho has all the needed deps (python,python-paramiko, | |
python-netaddr, python-crypto, python-simplejson) | |
* Report format | |
Rho supports producing a report format in csv format. The format | |
at this point is: | |
ip,port,uname.os,uname.kernel,uname.processor,uname.hardware_platform,redhat-release.name,redhat-release.version,redhat-release.release,systemid.system_id,systemid.username,instnum.instnum,etc-release.etc-release,cpu.count,cpu.vendor_id,cpu.model_name,auth.type,auth.username,auth.name,error | |
But the format may change. A slightly more detailed info about what those | |
fields me can be shown with "rho scan --show-fields". Current versions will | |
show: | |
auth.name:name of authentication class | |
auth.type:type of ssh authentication used | |
auth.username:username ssh | |
cpu.bogomips:bogomips | |
cpu.count:number of processors | |
cpu.cpu_family:cpu family | |
cpu.model_name:name of cpu model | |
cpu.model_ver:cpu model version | |
cpu.vendor_id:cpu vendor name | |
error:any errors that are found | |
etc-issue.etc-issue:contents of /etc/issue | |
etc-release.etc-release:contents of /etc/release (or equilivent) | |
instnum.instnum:installation number | |
ip:ip address | |
port:ssh port | |
redhat-release.name:name of package that provides 'redhat-release' | |
redhat-release.release:release of package that provides 'redhat-release' | |
redhat-release.version:version of package that provides 'redhat-release' | |
systemid.system_id:Red Hat Network system id | |
systemid.username:Red Hat Network username | |
uname.all:uname -a (all) | |
uname.hardware_platform:uname -i (hardware_platform) | |
uname.hostname:uname -n (hostname) | |
uname.kernel:uname -r (kernel) | |
uname.os:uname -s (os) | |
uname.processor:uname -p (processor) | |
* Rho config | |
Rho stores it's configuration in ~/.rho.conf. The format is a json | |
file, encrypted with AES-128. | |
Config items inclue "auth" and "profile" types. Auth types are | |
a way to authenticate to ssh. This can be a username and password | |
or a username and ssh key (and/or, a ssh key passphrase). | |
Profile types are classed of hosts to scan. A "profile" type includes | |
a list of auth types to use, a list of ssh ports, and a list of ip | |
address ranges to scan. | |
IP ranges can take several forms. Some examples include | |
10.0.0.1 (plain ip) | |
foo.example.com (hostname, note names are resolved at when the scan is ran) | |
10.0.0.1/24 (cidr style ranges) | |
10.0.0.1 - 10.0.0.200 (dash seperated names [current, the spaces are | |
required) | |
10.0.0.1,10.0.0.2 (comma seperated list of ip address) | |
foo.example.com,10.0.0.2 (any of the above forms, comma seperated) | |
10.0.0.* (wildcard ip's, note wildcard hostname are not supported) | |
A profile can include a list of ranges, and each range can be 1 or more | |
address. Rho will take the set of all address in all the ranges listed. | |
ssh port numbers are just a list of ports to try to find ssh on. The | |
default is 22 if unspecified. The ports will be tried in the order they | |
are listed in the list. | |
* rho auth | |
Auth types are added with "rho auth add". A name must be specified, as | |
well as a username. If no ssh key is provided, the user will be prompted | |
for the password for the username. If a ssh key is provided, the user | |
will be prompted for a | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment