perfsonar-dev - Re: [pS-dev] LS usage in SSHTELNET MP

Subject: perfsonar development work

List archive

Re: [pS-dev] LS usage in SSHTELNET MP

From: Guilherme Fernandes <>
To: Stijn Melis <>
Cc: Michael Bischoff <>, "" <>
Subject: Re: [pS-dev] LS usage in SSHTELNET MP
Date: Wed, 04 Jun 2008 13:22:44 +0200
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=aSFbY7/IXlr60DBRR0/Wt8fX46uxc9XvD4cXAJYa1y+RG5xHbmSp9O2JFOX8LUattY wzAL1FyKQPJWLZaMuR2UD3XdpjW7InCU0kaW41FRprUnrYmwVFbsv9Duk4d3AoU9y8HC NF6GaGi6nvWiMSF7Tmcv0sdFrWYDZQ7c9Vqoo=

Stijn Melis wrote:

Guilherme Fernandes wrote:

Stijn Melis wrote:

Also make sure the
registrator=org.perfsonar.service.base.registration.LSRegistrationComponent is defined in the
component.properties

if the registrator and service.r.ls_url is defined then the errors in the log should point to
anything missing.

Best regards,

Michael Bischoff

Hi all,

Hi Stijn,

I managed to find the error, and the MP is now registering it's metadata to the LS. I will test this further tomorrow morning, and then create a new release for this. I'm very sorry for this, but I wasn't aware of this myself.

What was the error? I suppose it wasn't in the java code, right?

There was a small bug in my web admin handler which didn't enable the scheduler when LS registration is activated. Furthermore, I still used an old registrator in the components.properties file.

Andreas, I attached what I received as metadata for the registered MP. You can see that the different devices which are supported are there (in the different data block, there is a metadata block, which contains the device name in the subject element, and the device url as one of the parameter elements). There is no eventType though, so should I add this?.
Or do I have to change this to the syntax you proposed (for instance by creating a different file for registering, because this is the same one I now use as a metadata configuration file which the MP uses)?
As a side note, do you really want to register username and password for the devices?

At the moment I just register the same file as the one which is used by the MP itself. Please note though that the password is encrypted, so there's nothing you can do with the information you get at first sight. However, if there are more people who have a problem with registering this information, I can create a different LS registration file which leaves a few things out.

I took a quick look at the code of the ssh/telnet mp on trunk and have two suggestions.

I can see that you are using DES and that the encryption key is hardcoded. DES is easily bruteforceable, you might want to switch to AES 256bits. The encryption key should be set by the administrator and put in the config file, otherwise someone can just get the encrypted password from the source code that is publicly available to decipher it.

But I don't think this type of information should be registered to the LS anyways.

Cheers,

Guilherme

Cheers,

Stijn

Best regards,

Guilherme

Best regards,

Stijn

------------------------------------------------------------------------

<nmwg:metadata id="http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH";>
<perfsonar:subject id="commonParameters">
<psservice:service id="localhost.6caf9ff4:11a48d59f18:2067">
<psservice:serviceName>geant2-java-sshtelnet-mp</psservice:serviceName>
<psservice:accessPoint>http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH</psservice:accessPoint>
<psservice:serviceType>mp</psservice:serviceType>
<psservice:serviceDescription>perfSONAR Java SSH TELNET MP</psservice:serviceDescription>
<psservice:serviceVersion>1.3.1</psservice:serviceVersion>
<psservice:organization>Institution</psservice:organization>
<psservice:contactEmail>user@domain</psservice:contactEmail>
</psservice:service>
</perfsonar:subject>
</nmwg:metadata>
<nmwg:data id="http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH/0"; metadataIdRef="http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH";>
<nmwg:metadata id="metadata0">
<nmwg:subject id="subject0">CiscoTelnet</nmwg:subject>
<nmwg:parameters id="metaParams0">
<nmwg:parameter name="password" value="QGoEPEaUuZzBI1rnej/6qA=="/>
<nmwg:parameter name="cache" value="0"/>
<nmwg:parameter name="timeout" value="0"/>
<nmwg:parameter name="prompt" value="c72.bogon>"/>
<nmwg:parameter name="numberOfUsers" value="0"/>
<nmwg:parameter name="username" value="telnet-mp-test"/>
<nmwg:parameter name="class_name" value="org.perfsonar.service.measurementPoint.lookingGlassType.engine.adapters.CiscoAdapter"/>
<nmwg:parameter name="url" value="c72.bogon.vh.hbone.hu"/>
<nmwg:parameter name="port" value="23"/>
<nmwg:parameter name="rate" value="100"/>
</nmwg:parameters>
</nmwg:metadata>
</nmwg:data>
<nmwg:data id="http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH/1"; metadataIdRef="http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH";>
<nmwg:metadata id="metadata2">
<nmwg:subject id="subject0">JuniperSSH</nmwg:subject>
<nmwg:parameters id="metaParams0">
<nmwg:parameter name="password" value="QGoEPEaUuZzBI1rnej/6qA=="/>
<nmwg:parameter name="cache" value="0"/>
<nmwg:parameter name="timeout" value="0"/>
<nmwg:parameter name="prompt" value=">"/>
<nmwg:parameter name="numberOfUsers" value="0"/>
<nmwg:parameter name="username" value="telnet-mp-test"/>
<nmwg:parameter name="class_name" value="org.perfsonar.service.measurementPoint.lookingGlassType.engine.adapters.JuniperSshAdapter"/>
<nmwg:parameter name="url" value="m10.vh.hbone.hu"/>
<nmwg:parameter name="port" value="22"/>
<nmwg:parameter name="rate" value="100"/>
</nmwg:parameters>
</nmwg:metadata>
</nmwg:data>
<nmwg:data id="http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH/2"; metadataIdRef="http://mdm-1.par.fr.geant2.net:8090/geant2-java-sshtelnet-mp/services/TelnetSSH";>
<nmwg:metadata id="metadata1">
<nmwg:subject id="subject0">JuniperTelnet</nmwg:subject>
<nmwg:parameters id="metaParams0">
<nmwg:parameter name="password" value="QGoEPEaUuZzBI1rnej/6qA=="/>
<nmwg:parameter name="cache" value="0"/>
<nmwg:parameter name="timeout" value="0"/>
<nmwg:parameter name="prompt" value=">"/>
<nmwg:parameter name="numberOfUsers" value="0"/>
<nmwg:parameter name="username" value="telnet-mp-test"/>
<nmwg:parameter name="class_name" value="org.perfsonar.service.measurementPoint.lookingGlassType.engine.adapters.JuniperAdapter"/>
<nmwg:parameter name="url" value="m10.vh.hbone.hu"/>
<nmwg:parameter name="port" value="23"/>
<nmwg:parameter name="rate" value="100"/>
</nmwg:parameters>
</nmwg:metadata>
</nmwg:data>

LS usage in SSHTELNET MP, Stijn Melis, 06/03/2008
- Re: [pS-dev] LS usage in SSHTELNET MP, Michael Bischoff, 06/03/2008
  - Re: [pS-dev] LS usage in SSHTELNET MP, Stijn Melis, 06/03/2008
    - Re: [pS-dev] LS usage in SSHTELNET MP, Guilherme Fernandes, 06/03/2008
      - Re: [pS-dev] LS usage in SSHTELNET MP, Stijn Melis, 06/04/2008
        
        Re: [pS-dev] LS usage in SSHTELNET MP, Guilherme Fernandes, 06/04/2008
        
        Re: [pS-dev] LS usage in SSHTELNET MP, Stijn Melis, 06/04/2008
        
        Re: [pS-dev] LS usage in SSHTELNET MP, Guilherme Fernandes, 06/04/2008
    - Re: [pS-dev] LS usage in SSHTELNET MP, Andreas Hanemann, 06/04/2008
      - Re: [pS-dev] LS usage in SSHTELNET MP, Stijn Melis, 06/04/2008
        
        Re: [pS-dev] LS usage in SSHTELNET MP, Nina Jeliazkova, 06/04/2008
- Re: [pS-dev] LS usage in SSHTELNET MP, Loukik Kudarimoti, 06/03/2008
  - Re: [pS-dev] LS usage in SSHTELNET MP, Stijn Melis, 06/03/2008
- Re: [pS-dev] LS usage in SSHTELNET MP, Andreas Hanemann, 06/03/2008

List archive

Re: [pS-dev] LS usage in SSHTELNET MP