SSH health checking with ldirectord

[Roberto Nibali]

Hi Sal,

> Would an http check work for SSH?

No, I goofed. Didn't read your email seriously enough; my apologies.

> Doesn't seem like it would. SSH spits
> out the version string when you connect, then, I believe the client
> spits out it's identification string (The RFC doesn't really say what
> that should be) then they go to a 'packet based binary protocol', so I
> don't think I can parse the return from the server at that point,

Correct.

> assuming I can figure out what a correct client string is (perhaps with
> packet sniffing)

New question: What more do you expect to get from connecting to sshd 
with a custom health check than with the port check?

>> Well, it does not seem to be a message created/logged directly by 
>> ldirectord, but rather something like the identd. If you don't want this 
>> message, you have two options:
> 
> Well, it's ssh logging through syslog because ssh sees it as unusual and
> worthy of noting that someone connected to the port then dropped the
> connection. I would normally want these messages, just not from the
> directors. I guess I'll read up on syslog filtering. Never needed to do
> it before, so I never even thought of this option. Thanks!

If you deploy syslog-ng (recommended anyway) it's dead simple. I'll 
gladly help you configuring it if you don't get it running, at least to 
remedy my previous lapse :)

Best regards,
Roberto Nibali, ratz
-- 
echo 
'[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc