Performs validation of remote filesystem integrity and executes health checks. Supports self-repair commands
Project description
ssh-server-audit
================
Tiny application for centralized monitoring of remote servers.
In comparison to traditional health checks `ssh-server-audit` is executing commands using _SSH_.
Functionality:
- SOCKS proxy support: Possibility to hide service in the internet using TOR
- Health checks: Execute remote command, check exit code. Execute other command on failure to repair simple things
- Authenticity check: Check if remote filesystem is untouched by third-party (eg. by hosting provider, by other hosting users, by the government)
### Quick start
1. Create a configuration file, example:
```
test_vagrant_volume: # name it as you want
socks_host: "" # (optional) leave empty if not using socks
socks_port: 9150 # (optional) but needs to be valid
host: "localhost"
port: 2422
user: root
password: "root"
auth_method: password
public_key: ""
passphrase: ""
checksum_method: "sha256sum" # command name on remote server that will be doing checksums (eg. md5sum, sha256 sum)
# files to verify on remote server, leave just "[]" without "" to not use checksums validation
checksum_files:
sh: '/bin/sh'
bash: '/bin/bash'
losetup: '$(whereis losetup|awk "{print \$2}")'
# when at least one checksum would not match, then you can run a "repair command"
# for example unmount an encrypted volume with logs, user identities, databases
on_security_violation: "echo 'Something on security violation'"
# health checks, use "[]" without "" to not use health checks.
healthchecks:
- command: "ps aux |grep nginx"
on_failure: "echo 'Something on failure'"
- command: "ps aux |grep bash"
on_failure: "echo 'This should not show'"
```
================
Tiny application for centralized monitoring of remote servers.
In comparison to traditional health checks `ssh-server-audit` is executing commands using _SSH_.
Functionality:
- SOCKS proxy support: Possibility to hide service in the internet using TOR
- Health checks: Execute remote command, check exit code. Execute other command on failure to repair simple things
- Authenticity check: Check if remote filesystem is untouched by third-party (eg. by hosting provider, by other hosting users, by the government)
### Quick start
1. Create a configuration file, example:
```
test_vagrant_volume: # name it as you want
socks_host: "" # (optional) leave empty if not using socks
socks_port: 9150 # (optional) but needs to be valid
host: "localhost"
port: 2422
user: root
password: "root"
auth_method: password
public_key: ""
passphrase: ""
checksum_method: "sha256sum" # command name on remote server that will be doing checksums (eg. md5sum, sha256 sum)
# files to verify on remote server, leave just "[]" without "" to not use checksums validation
checksum_files:
sh: '/bin/sh'
bash: '/bin/bash'
losetup: '$(whereis losetup|awk "{print \$2}")'
# when at least one checksum would not match, then you can run a "repair command"
# for example unmount an encrypted volume with logs, user identities, databases
on_security_violation: "echo 'Something on security violation'"
# health checks, use "[]" without "" to not use health checks.
healthchecks:
- command: "ps aux |grep nginx"
on_failure: "echo 'Something on failure'"
- command: "ps aux |grep bash"
on_failure: "echo 'This should not show'"
```
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
ssh-server-audit-1.0.2.tar.gz
(40.9 kB
view details)
Built Distribution
File details
Details for the file ssh-server-audit-1.0.2.tar.gz.
File metadata
- Download URL: ssh-server-audit-1.0.2.tar.gz
- Upload date:
- Size: 40.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.6.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e121a639568b33fa89d39730fb3be0eb274280a146fd8b0f648ac7c4b8692644 |
|
| MD5 | b753d2ff6e5e00223c0118afc7462243 |
|
| BLAKE2b-256 | dd54b2ca8709fd9f78cff7342981c0bf6e0e61a3c0e1f52ec816fbe0727a28e8 |
File details
Details for the file ssh_server_audit-1.0.2-py3-none-any.whl.
File metadata
- Download URL: ssh_server_audit-1.0.2-py3-none-any.whl
- Upload date:
- Size: 19.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.6.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ecd061acf8b417d634e32d9e715b4d3a62980f6ea17f8fb2a7eb9040e8ec9d6e |
|
| MD5 | ed4344a4ab0347cb1c61b5723c689bc0 |
|
| BLAKE2b-256 | e83d821a169d6f83f3764e5349fd1c217975d3f4ef69e9dfd8d0e12c00259523 |
