

Management Agent on Unix

On Unix, the Sysmonitor process (ssh-mgmt-sysmonitor) performs the Management Agent tasks. The client also needs an ICB (Initial Configuration Block) file at installation time to connect to the management system.

Sysmonitor (ssh-mgmt-sysmonitor) carries out the following tasks:

  • starts other processes and restarts them if they crash

  • logs all restarts and controls the restart rate

  • kills other processes if it is itself killed

  • passes command-line options to other processes

  • connects to Management Agent (based on the ICB file) and handles all restarts related to the management connection

  • handles encryption and authentication of packets (host-to-host protection [3DES+SHA1] and link protection [TLS])

  • passes system information to the Management Agent (OS, OS version, etc.)

  • performs the Management Agent software updates and uninstallations

  • performs updates and uninstallations for the managed Tectia software

  • searches for installed Secure Shell (client) binaries (ssh, ssh1, ssh2) in /usr/local/bin, /usr/bin, /bin, /usr/pkg/bin, /usr/opt/bin, /opt/bin, /opt/ssh2/bin (on HP-UX); determines the vendor, version number, SSH product package (workstation vs. server) and license code; and reports them to the Management Agent

  • installs /var/run/sshmgmt-temp-log (on HP-UX, /var/opt/ssh-mgmt/sshmgmt-temp-log) into /etc/syslogd.conf, reads log messages from that file, and rotates it daily or whenever it exceeds one megabyte (this is used to extract Secure Shell related log messages and send them to the Management Agent)

  • sends host public-key information to the Management Agent, and allows the Management Agent to manipulate (add, update, delete, query) the known hosts (public key) database

  • allows the Management Agent to update system-wide Secure Shell configuration file(s), restarts Secure Shell servers, and reverts to the old configuration if Secure Shell servers do not start
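To see what the binary search described above would turn up on a host, the following added example (not Tectia code) walks the same directories and names listed on this page. The function names, the optional ROOT prefix and the banner matching are assumptions made for illustration; this page does not document how Sysmonitor itself determines vendor or version.

```shell
#!/bin/sh
# Added example: inventory Secure Shell client binaries in the directories
# and under the names this page lists. Not the product's own logic.

SSH_DIRS="/usr/local/bin /usr/bin /bin /usr/pkg/bin /usr/opt/bin /opt/bin /opt/ssh2/bin"
SSH_NAMES="ssh ssh1 ssh2"

# find_ssh_clients [ROOT]: print one path per line for each candidate found.
# ROOT is a hypothetical optional prefix, so a mounted disk image or a test
# tree can be scanned instead of the live system.
find_ssh_clients() {
    root="${1:-}"
    for dir in $SSH_DIRS; do
        for name in $SSH_NAMES; do
            candidate="$root$dir/$name"
            # -f follows symlinks; on merged-/usr systems the same binary
            # can therefore be listed under both /bin and /usr/bin.
            [ -f "$candidate" ] && printf '%s\n' "$candidate"
        done
    done
    return 0
}

# classify_banner BANNER: map a version banner to a vendor label.
# Matching on these substrings is an assumption of this example.
classify_banner() {
    case "$1" in
        *OpenSSH*) echo "openssh" ;;
        *Tectia*)  echo "tectia" ;;
        *)         echo "unknown" ;;
    esac
}

# report_ssh_clients [ROOT]: tab-separated path, vendor label, raw banner.
report_ssh_clients() {
    find_ssh_clients "${1:-}" | while IFS= read -r path; do
        banner=""
        # Only run files that are executable; "-V" is assumed to print a
        # version banner (OpenSSH writes it to stderr).
        [ -x "$path" ] && banner=$("$path" -V 2>&1 | head -n 1)
        printf '%s\t%s\t%s\n' "$path" "$(classify_banner "$banner")" "$banner"
    done
}
```

Calling `report_ssh_clients` with no argument scans the live system; an "unknown" row marks a binary worth checking by hand before trusting the inventory.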

Hostname Resolution Mechanism

The Management Agent detects the hostname of a managed host and reports it to the Management Server. The Management Agent determines the fully qualified domain name (FQDN), trying to find a globally resolvable hostname (as opposed to the name the host reports for itself), because this is important for host key naming and distribution.

The hostname resolution can be configured using the /etc/opt/ssh-mgmt/agent/agent-sysinfo.dat file on managed hosts. Instructions on configuration options are included in the comments of the file.

