FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
tcucinieri
Staff
Article Id 198646
Description
    This feature exists to let the supervisor connect to collectors when there is a firewall between the collector and the supervisor.
    The restricted user 'tunneluser' runs in a restricted shell that lets only that user create tunnel connections from the supervisor back to the originating IP (i.e. it enables reverse-shell connections to the IP that initiated the connection).
    Customers who are not using the reverse tunnel feature are advised to disable the SSH service on port 19999.

Workaround
    The step-by-step procedure is below:

    1) Upload the attached phProvision.sh.patch file to the /tmp folder of the Super (supervisor).

    2) Check the process with the command:
    ps aux | grep 19999
    The result should look similar to:
    root 3384 0.0 0.0 66288 1224 ? Ss 11:24 0:00 /usr/sbin/sshd -p 19999 -f /etc/ssh/sshd_config.tunneluser
    root 9522 0.0 0.0 103324 916 pts/2 S+ 11:34 0:00 grep 19999

    3) Remove the tunneluser configuration file:
    rm -f /etc/ssh/sshd_config.tunneluser

    4) Copy the patched file over the original one, overwriting it:
    cp /tmp/phProvision.sh.patch /etc/init.d/phProvision.sh
    cp: overwrite `/etc/init.d/phProvision.sh'? y

    5) Kill the existing process listening on port 19999:
    pkill -f '/usr/sbin/sshd -p 19999'

    6) Restart the system:
    shutdown -r now

    7) When the Super has restarted, check that tunneluser is no longer listening on port 19999:
    ps aux | grep 19999
    The result should look similar to (only the grep command itself is listed):
    root 10179 0.0 0.0 103320 912 pts/2 S+ 11:35 0:00 grep 19999
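
    The check in steps 2 and 7 relies on reading `ps aux | grep 19999` by eye, and the bare pattern 19999 always matches the grep process itself. The script below is an added example (it is not part of the Fortinet article and not FortiSIEM code) that performs the same verification in a repeatable way: it counts sshd processes started with `-p 19999`, so the grep line is never counted, and it can be run against the live process table after the reboot. The two `ps aux` samples embedded in it are constructed from the output shown in the article; the function names and the `--live` flag are this example's own.

```shell
#!/bin/sh
# Added example (not from the Fortinet article): verify that the tunneluser
# sshd instance on port 19999 is gone after the workaround.

# Constructed sample of "ps aux" output before the workaround (article step 2).
PS_BEFORE='USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 19232 1500 ? Ss 11:20 0:01 /sbin/init
root 3384 0.0 0.0 66288 1224 ? Ss 11:24 0:00 /usr/sbin/sshd -p 19999 -f /etc/ssh/sshd_config.tunneluser
root 9522 0.0 0.0 103324 916 pts/2 S+ 11:34 0:00 grep 19999'

# Constructed sample after the workaround and reboot (article step 7).
PS_AFTER='USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 19232 1500 ? Ss 11:35 0:01 /sbin/init
root 10179 0.0 0.0 103320 912 pts/2 S+ 11:35 0:00 grep 19999'

# count_tunnel_sshd PS_TEXT: print how many sshd processes bound to port 19999
# appear in the given ps output. Matching the full "sshd -p 19999" command
# (not the bare number) keeps a "grep 19999" line out of the count.
count_tunnel_sshd() {
    printf '%s\n' "$1" | grep -c '/usr/sbin/sshd -p 19999' || true
}

# tunnel_disabled PS_TEXT: succeed (exit 0) only when no tunnel sshd is present.
tunnel_disabled() {
    [ "$(count_tunnel_sshd "$1")" -eq 0 ]
}

# check_live_supervisor: run the same check against the real process table and
# confirm the tunneluser sshd configuration file removed in step 3 is absent.
# The process table is captured first, so the grep below is never inside it.
check_live_supervisor() {
    snapshot=$(ps aux)
    status=0
    if tunnel_disabled "$snapshot"; then
        echo "OK: no sshd listening on port 19999"
    else
        echo "WARNING: tunneluser sshd on port 19999 is still running"
        status=1
    fi
    if [ -e /etc/ssh/sshd_config.tunneluser ]; then
        echo "WARNING: /etc/ssh/sshd_config.tunneluser still exists"
        status=1
    fi
    return "$status"
}

# Demonstration on the constructed samples (expected: 1, then 0).
printf 'before workaround: %s tunnel sshd process(es)\n' "$(count_tunnel_sshd "$PS_BEFORE")"
printf 'after workaround:  %s tunnel sshd process(es)\n' "$(count_tunnel_sshd "$PS_AFTER")"

# Pass --live on a supervisor to inspect the real system instead of the samples.
if [ "${1:-}" = "--live" ]; then
    check_live_supervisor
fi
```

    Run it as `sh check_tunnel.sh --live` on the Super after step 7; a non-zero exit means either the sshd on port 19999 is still running or the tunneluser configuration file is still present, so the workaround did not fully apply.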
