Skip to content

Change the condition in *ghe-host-check* when access through port 22 fails #304

Merged
pnsk merged 2 commits into
masterfrom
change-ghe-host-check
May 19, 2017
Merged

Change the condition in *ghe-host-check* when access through port 22 fails #304
pnsk merged 2 commits into
masterfrom
change-ghe-host-check

Conversation

@pnsk

@pnsk pnsk commented May 16, 2017

Copy link
Copy Markdown
Contributor

The current condition:

            if echo "$output" | grep -i "port 22: connection refused\|port 22: no route to host\|ssh_exchange_identification: Connection closed by remote host\|Connection timed out during banner exchange" >/dev/null; then
                exec "$(basename $0)" "$hostname:122"
            fi

can't catch the simple "Connection time out" error like:

ssh: connect to host xxx.xxx.xxx.xxx port 22: Connection timed out

So, I changed the condition a bit.

@snh

snh commented May 16, 2017

Copy link
Copy Markdown
Member

This can be reproduced by adding a -j DROP iptables rule on your backup host:

sudo iptables -I OUTPUT -p tcp -d [ghe-ip] --dport 22 -j DROP

snh
snh suggested changes May 16, 2017
View reviewed changes
Comment thread bin/ghe-host-check Outdated
case $rc in
255)
if echo "$output" | grep -i "port 22: connection refused\|port 22: no route to host\|ssh_exchange_identification: Connection closed by remote host\|Connection timed out during banner exchange" >/dev/null; then
if echo "$output" | grep -i "port 22: connection refused\|port 22: no route to host\|ssh_exchange_identification: Connection closed by remote host\|Connection timed out" >/dev/null; then

@snh snh May 16, 2017

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To minimise the chances of this hiding issues with 122, can we leave the banner exchange match as is, and add a new one for port 22: Connection timed out, so that it only matches on 22?

Without this, it can get stuck in a loop if 22 and 122 both time out.

@pnsk pnsk May 16, 2017

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Without this, it can get stuck in a loop if 22 and 122 both time out.

Ah yes, you're right. It'll loop.

@pnsk pnsk merged commit 3c5cc8b into master May 19, 2017
@pnsk pnsk deleted the change-ghe-host-check branch May 19, 2017 02:50
@snh snh mentioned this pull request Jun 7, 2017
Merged
jeluhu pushed a commit that referenced this pull request Jun 12, 2023
@davidjarzebowski
Merge pull request #304 from github/djj-update-rsync-min-version
5fdf66b 
Update requirements to help customers understand whether the rsync version on their backup host will work
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@snh snh snh approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pnsk @snh