What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
300.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Command line parameter for SSH private key

Votes:

0

Your Vote:

Up

Down

I want to create a custom sensor which accesses Linux machines using SSH. For authentication, PRTG provides the command line parameters %linuxuser and %linuxpassword. However, for security reasons, we use SSH pubic key authentication on our Linux servers. The corresponding private keys are in PRTG and work well with predefined SSH sensors. How can I access those private keys in my custom sensor?

command-line custom-sensor ssh

Created on Jan 29, 2015 12:00:26 PM by  ages (1,008) 5 1



7 Replies

Votes:

0

Your Vote:

Up

Down

We do not have a placeholder for the key since this would cause more issues for us when used and we would be forced to change how some of the sensors work. The keys that are set up at the device level will work for the sensors themselves but we cannot pass this parameter through a placeholder.

Created on Jan 30, 2015 12:03:23 PM by  Greg Campion [Paessler Support]



Votes:

0

Your Vote:

Up

Down

So that means SSH is not usable in custom sensors when devices are accessed via RSA authentication (which should be the default in corporate environments)?

Created on Jan 30, 2015 12:10:02 PM by  ages (1,008) 5 1



Votes:

0

Your Vote:

Up

Down

If you place a custom SSH sensor on a Linux machine and are running the sensor locally, the RSA key that is in the settings for that device will be used to run the script. If you are running the SSH sensor to query another Linux machine from the Linux machine that is set up in PRTG, there is no placeholder for an RSA key. So it's possible to run a custom SSH sensor with PRTG when you are using RSA keys, it just isn't possible to use a Linux box to run the custom SSH sensor on a different Linux box.

Created on Feb 2, 2015 8:16:28 AM by  Greg Campion [Paessler Support]



Votes:

0

Your Vote:

Up

Down

What does "the RSA key that is in the settings for that device will be used to run the script" mean? How do I access the RSA key from inside the script? When I connect via SSH to the Linux machine I've created the sensor for using an SSH library, I usually have to explicitly provide the RSA key to use, it doesn't "just happen". In this concrete case, I'm using a Perl script with lib Net::SSH2.

Created on Feb 2, 2015 9:20:52 AM by  ages (1,008) 5 1



Votes:

0

Your Vote:

Up

Down

What I mean is that PRTG will use the RSA key that is stated in the settings for a device to authenticate to the device in order to run the script that it is set up to run.

What does this script do exactly? If you are using the lib SSH2 I would think you are trying to access another Linux machine with the script on the machine that is being monitored by PRTG.

Created on Feb 2, 2015 3:53:46 PM by  Greg Campion [Paessler Support]



Votes:

0

Your Vote:

Up

Down

OK I see the misunderstanding here. We do not use an SSH script sensor, as we have devices where we have SSH access to, but not the option to create the directory on the device that is necessary to hold the scripts in order to be accessible to an SSH script sensor. What we want to create is a script sensor that monitors a device via SSH, having the complete monitoring logic as well as the SSH functionality inside the script that runs on the probe. That's the reason I need to have the SSH private key configured for the device in PRTG to be accessible via a command line argument placeholder, as I need to pass it to the sensor script.

Created on Feb 2, 2015 4:06:45 PM by  ages (1,008) 5 1



Votes:

0

Your Vote:

Up

Down

I will bring this idea up at the next support / dev meeting and write here what the result is. I think that likely it will get shot down since RSA keys are not something that we want to transmit in our skripts for security reasons but I will check and get back to you.

Created on Feb 3, 2015 10:01:05 AM by  Greg Campion [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.