On Unix, the Sysmonitor process (
ssh-mgmt-sysmonitor) performs the Management Agent tasks. The client also needs an ICB (Initial Configuration Block) file at the installation time to connect to the management system.
ssh-mgmt-sysmonitor) carries out the following tasks:
starts other processes and restarts them if they crash
logs all restarts and controls the restart rate
kills other processes if it is itself killed
passes command-line options to other processes
connects to Management Agent (based on the ICB file), handles all restarts related to the management connection
handles encryption and authentication of packets (host-to-host protection [3DES+SHA1] and link protection [TLS])
passes system information to the Management Agent (OS, OS version, etc.)
performs the Management Agent software updates and uninstallations
performs updates and uninstallations for the managed Tectia software
searches for installed Secure Shell (client) binaries (
/opt/ssh2/bin(on HP-UX), finds out the vendor, version number, the SSH product package (workstation vs. server) and the license code, and reports them to the Management Agent
/var/run/sshmgmt-temp-log, (on HP-UX
/etc/syslogd.conf, and reads log messages from there, and rotates this file daily, or whenever it exceeds one megabyte (this is used to extract Secure Shell related log messages and to send them to the Management Agent)
sends host public-key information to the Management Agent, and allows the Management Agent to manipulate (add, update, delete, query) the known hosts (public key) database
allows the Management Agent to update system-wide Secure Shell configuration file(s), restarts Secure Shell servers, and reverts to the old configuration if Secure Shell servers do not start
The hostname of a managed host is detected by the Management Agent, which reports the hostname to the Management Server. The Management Agent determines the fully qualified domain name (FQDN), trying to find a globally resolvable hostname (compared to what the host reports as its name), because this is important for host key naming and distribution.
The hostname resolution can be configured using the
/etc/opt/ssh-mgmt/agent/agent-sysinfo.dat file on managed hosts. Instructions on configuration options are included in the comments of the file.