KBI 311497 Much Improved Linux/UNIX Monitoring With SSH Secure Shell

Version

Argent Advanced Technology 5.1A-1610-D and later versions

Date

Friday, 30 December 2016

Summary

Argent AT 5.1A-1610-D has been enhanced to include built-in SSH functions

It no longer needs PLINK to monitor Linux/UNIX

Comparing with old implementation, Argent AT has been much improved in following areas:

  • Greatly enhanced performance

    When PLINK is used, monitoring Engine must spawn PLINK.exe process to run UNIX script Rules for each Linux/UNIX server

    In Windows 2008 and later, an accompanying cohost.exe process is also spawned

    As a result, when monitoring a lot of Linux/UNIX servers, Argent AT Engine can be flooded with PLINK.exe and cohost.exe processes

    This can put significant burden on Argent AT Engine

    With built-in SSH function, Monitoring Engine can run UNIX script Rules within its process space

    No need to create external processes and no need to do IPC (Inter Process Communication)

    Not only OS is less busy, Rules run much faster

    The performance is much improved

  • No longer needs to answer the prompt when connecting to the Linux/UNIX for the first time

    Linux/UNIX SSH server generally use self-signed certificate

    When PLINK connects to the server for the first time, user is prompted to accept or deny the certificate

    It is usually done when user does the connectivity test in License Manager

    However, if the task is to be executed on Daughter Engine or Trusted Agent, customer has to manually run ‘PLINK user@machine’ on the Engine once for each target server, so that task won’t be stuck at prompt when it is scheduled by Supervising Engine

    It can be extremely inconvenient when dealing with Linux/UNIX servers in hundreds or thousands

    With built-in SSH function, Monitoring Engine automatically accepts self-signed certificate

    Customer does not need to prepare Argent AT Engines like PLINK

  • Avoid showing password while testing connectivity

    When testing connectivity with PLINK in License Manager, Main GUI spawns process with command line ‘PLINK -pw password user@machine cmd’

    While the process is running, the command line is shown on console window title

    Though it can be brief, password could be revealed

    With built-in SSH function, it is no longer an issue

  • No need to install PLINK at Argent AT Engines

    This is obvious and can save a lot of time preparing Argent AT infrastructure

Technical Background

N/A

Resolution

Upgrade to Argent Advanced Technology 5.1A-1610-D