KBI 220628 SSH Non-Standard Port Not Recognized

Version

Argent Guardian of any version

Date

28 January 2007

Summary

When specifying a non-standard port in license manager for SSH connections to UNIX machines, the non-standard port is not passed to the plink logon to that machine.

Technical Background

For security reasons, some clients have elected to change the standard port for SSH (port 22) on their UNIX machines to a non-standard port (i.e.: 40022 or 60022, etc). When in the Argent Guardian License Manager, when you choose SSH to connect and type in the user name and password, the default TCP/IP port is 22.

Although this can be changed to the non-standard port, the connectivity test and any Relators running on this machine will fail (Fatal: Network error: Connection timed out).

Argent XT uses the following plink command to log into UNIX (which you can test from any command prompt):

PLINK -pw {PASSWORD} {USER}@{HOST}

(This configuration is in the unixssh.ini file found in drive:\ArgentManagementConsole\ArgentGuardian)

To test the connectivity to the target server using the non-standard port, execute the following line in a command prompt:

PLINK -p {PORT} -pw {PASSWORD} {USER}@{HOST}

Substituting PORT for the custom port number

PLINK -p 40022 -pw adminpass admin@10.10.0.27

Resolution

  1. Either hard code the port into the unixssh.ini file

    -p 40022;

    line would read:

    PLINK -p 40022 -pw {PASSWORD} {USER}@{HOST}

  2. Install a UNIX agent or Rule Engine onto the target box and any subsequent boxes that require non-standard port configuration.