The Unix version of the Management Agent consists of the Master, Router and Sysmonitor processes.
The components are installed as one RPM or other native package. The client also needs an ICB (Initial Configuration Block) file at the installation time to connect to the management system.
The processes are described in more detail below:
starts other processes and restarts them if they crash
logs all restarts and controls the restart rate
kills other processes if it is itself killed
passes command-line options to other processes
connects to Management Agent (based on the ICB file), handles all restarts related to the management connection
handles encryption and authentication of packets (host-to-host protection [3DES+SHA1] and link protection [TLS])
passes system information to the Management Agent (OS, OS version, etc.)
performs the Management Agent software updates and uninstallations
performs updates and uninstallations for the managed SSH Tectia software
searches for installed Secure Shell (client) binaries (
/opt/ssh2/bin(on HP-UX), finds out the vendor, version number, SSH product package (workstation vs. server) and license code, and reports them to the Management Agent
/var/run/sshmgmt-temp-log, (on HP-UX
/etc/syslogd.conf, and reads log messages from there, and rotates this file daily, or whenever it exceeds one megabyte (this is used to extract Secure Shell related log messages and to send them to the Management Agent)
sends host public-key information to the Management Agent, and allows the Management Agent to manipulate (add, update, delete, query) the known hosts (public key) database
allows the Management Agent to update system-wide Secure Shell configuration file(s), restarts Secure Shell servers, and reverts to the old configuration if Secure Shell servers do not start
The hostname of a managed host is detected by the Management Agent, which reports the hostname to the Management Server. The Management Agent determines the fully qualified domain name (FQDN), trying to find a globally resolvable hostname (compared to what the host reports as its name), because this is important for host key naming and distribution.
The hostname resolution can be configured using the
/etc/opt/ssh-mgmt/agent/agent-sysinfo.dat file on managed hosts. Instructions on configuration options are included in the comments of the file.