User`s guide

ManualsBrandsVMware ManualsOtherVCENTER APPLICATION DISCOVERY MANAGER 6.1 - REPOSITORY

Table Of Contents

Application Discovery Manager User’s Guide

ADM User’s Guide

38 VMware, Inc.

6Listener(passive)

7IPDiscovery(passive)

SSH

SecureShell(SSH)isastandardprotocolforsecureremoteaccesstoUNIX‐likeoperatingsystems.SSHservers

arebuiltintomostLinuxdistributions,MacOS‐X,SunSolaris,OpenBSD,andmostotherUNIX‐likeoperating

systems.SSHserversfromvariousvendorsarealsoavailableforWindows.

Remoteaccesstoa

hostthatrunsanSSHserverstartsbyauthenticatingtheclient’sidentity. Aftertheclient

identityisauthenticated,anencryptedcommunicationchannelopens.Theclientcanthenexaminefilesand

runcommandsontheserverhost.Theprivilegesandpermissionsoftheclientaredeterminedbytheserver

accordingtoits

identity.Forexample,iftheclientusesaguestaccountwithfewprivileges,mostofthe

informationisnotavailabletothisuser.

SSHhastwoversions.Version2isnormallyinuse,whileversion1islessrecommended.SinceSSHclientsand

serversautomaticallydetecteachother’sversionsandcoordinate

theircommunications,noactionisrequired.

Detail Discovery with SSH

ADMusesSSHtoaccesshoststhatrunSSHservers,andtoobtaininformationabouttheoperatingsystem,

hardware,andsoftwareinstalledontheserverhost.

BothSSHversions1and2aresupportedautomaticallywithnouserinteraction.Authenticationisbasedon

specifyingausernameandpasswordtouse

whenaccessingthemanagedhosts;thesearestoredbyADM

internallyinanencryptedform.

SSH Server Deployment Recommendations

Firewall Settings

SSHqueriesarenormallyperformedonTCPport22ontheserver.IfafirewallexistsbetweentheADM

applianceandthemonitorednetwork,thisportneedstobeopenforconnectionsinitiatedbytheADM

appliance.

SSH Server Settings

DiscoverywithSSHofserversrunningtheOpenSSHserver(sshd)requiresthattheʺ

Passw ordAuthenticationʺ

fieldcontainthevalue“yes”intheserversettingsfile(often,/etc/ssh/sshd_config).Insomeoperating

systems,suchasSuSE,thedefaultis“no”andneedstobechangedfortheSSHdiscoverytocomplete.

Credentials

DetaildiscoverywithSSHisbasedonaccessingthemanagedhostwithapredefineduser

nameandpassword.

Formoreinformationonnecessaryprivileges,downloadthedocumentdiscovery_coverage.xlsfrom:

http://downloads.vmware.com/ApplicationDiscoveryManager

IfADMisusedtodiscoverconfigurationofservicessuchasapplicationservers,databases,andwebservers,

thisusermightneedmorereadprivilegesiftheconfigurationfilesoftheseservicesarenotaccessibleby



ordinaryusers.

Forexample,insomesites,theOracledatabaseserverisinstalledandrunwithaspecial“oracle”user

belongingtoaspecial“oracle”group.Theconfigurationfilesfortheservermightonlybereadablebyusersin

the“oracle”group.HavingADMuseauserinthisgroup

wouldallowittoaccessthesefilesandretrieve

valuableanddetailedconfigurationinformationthatisotherwiseunavailable.

IMPORTANTItisnotrecommendedtousetheuser“root”forsecurityreasons.