Why doesn't my Spartez SSH scanner work?

I'm trying to get the Spartez SSH scanner working but getting the error below. I'm following the setup instructions here. Anyone know why this isn't working?

Thanks

# python scanner.py --jira-url=https://jira.my.org/jira/ --jira-user=someuser --jira-password=somepass --self
Using default config file: default-config.xml
Scanning this computer...
------- Scanning host 127.0.0.1
Identifying OS...
Retrieving host MAC addresses for asset record matching...
Traceback (most recent call last):
File "scanner.py", line 49, in <module>
macs = scanner.scanMacAddresses(matcher)
File "/tmp/asset-tracker-scanner-1.0.1/scan/sshscanner.py", line 113, in scanMacAddresses
raise Exception('Unable to retrieve MAC addresses')
Exception: Unable to retrieve MAC addresses
Finished scanning

 

2 answers

This widget could not be displayed.

Hi Dave,

I am one of the developers at Spartez - the vendor behind Asset Tracker.

It seems that the scanner fails because it is unable to retrieve MAC addresses of your network adapters.

To diagnose this, can you check what is the output of the following command:

ifconfig | grep 'ether' | grep -v '00:00:00:00:00:00' | awk '{print $2}'

If this command returns empty string, it means that your ifconfig command returns something unexpected. In this case, can you invoke just 

ifconfig

and let me know what the result is?

Best Regards
Janusz Gorycki, spartez.com

Ah, I see. There is no 'ether' on Linux for the MAC line in the ifconfig output. This works however:

# ifconfig | grep 'HWaddr' | awk '{print $5};'

ea:0f:a3:9e:df:18

Is there  a switch to specify a Linux host?

Actually, OS should have been automatically detected. Somehow I assumed wrongly that you are on a Mac. For Linux, the command used by default for scanning is this one:

ip link list | grep 'link/' | grep -v '00:00:00:00:00:00' | awk '{print $2}'

What does it do in your case?

Also - you can try using the --verbose option to see what the scanner is trying to do.

Hrm..that works fine on the Linux host.

# ip link list | grep 'link/' | grep -v '00:00:00:00:00:00' | awk '{print $2}'
ea:0f:a3:9e:df:18

Ok, I know what is going on. Your only reported MAC address is ea:0f:a3:9e:df:18. This MAC is from the "private" address range (second byte is xA - ea:0f:a3:9e:df:18).

Such addresses are skipped, because they are not supposed to be used by "real" network adapters. So in effect the scanner is unable to detect that your computer has a network adapter, so it cannot uniquely identify it, so the scan is not performed.

Why do you have an adapter with "private" MAC address? Is this some specially configured machine? Perhaps it is some kind of virtual machine?

(sorry for the weird formatting. The input form went stupid on me)

Yes, this is a VM. The MAC is assigned from Proxmox. The IP address is on an internal LAN segment. I've changed the MAC to 00:15:17:c0:ff:ee  and all is working now. I'd rather not change the MAC on every Proxmox (~60) host I have  though. Could you add a switch to the command to ignore private MACs and report anyway?

# python scanner.py --jira-url=https://jira.my.org/jira/ --jira-user=someuser --jira-password=somepass --self --verbose
Using default config file: default-config.xml
Scanning this computer...
------- Scanning host 127.0.0.1
Identifying OS...
Command line: ['/bin/sh', '-c', 'uname ; hostname']
Detected OS: Linux
coston

Retrieving host MAC addresses for asset record matching...
Running command: ip link list | grep \'link/\' | grep -v \'00:00:00:00:00:00\' | awk \'{print $2}\'
Command line: ['/bin/sh', '-c', "ip link list | grep 'link/' | grep -v '00:00:00:00:00:00' | awk '{print $2}'"]
Received:
00:15:17:c0:ff:ee


...

Here is the --verbose output from earlier. It seems to find the MAC (just saw your request for this earlier). No prob on the formatting.

# python scanner.py --jira-url=https://jira.my.org/jira/ --jira-user=someuser --jira-password=somepass --self --verbose
Using default config file: default-config.xml
Scanning this computer...
------- Scanning host 127.0.0.1
Identifying OS...
Command line: ['/bin/sh', '-c', 'uname ; hostname']
Detected OS: Linux
coston

Retrieving host MAC addresses for asset record matching...
Running command: ip link list | grep \'link/\' | grep -v \'00:00:00:00:00:00\' | awk \'{print $2}\'
Command line: ['/bin/sh', '-c', "ip link list | grep 'link/' | grep -v '00:00:00:00:00:00' | awk '{print $2}'"]
Received:
ea:0f:a3:9e:df:18

Traceback (most recent call last):
File "scanner.py", line 46, in <module>
macs = scanner.scanMacAddresses(matcher)
File "/tmp/asset-tracker-scanner-1.0.0/scan/sshscanner.py", line 113, in scanMacAddresses
raise Exception('Unable to retrieve MAC addresses')
Exception: Unable to retrieve MAC addresses
Finished scanning

--

Ok, so we have a root cause then. If you insist on scanning the VM, you will have to modify the scanner source code, so that it allows private MAC addresses - at least ones with 'A' in the first byte. To do that, you will need to locate the file named 

scan/sshscanner.py

in this file, go to line 109. Is thould look like this:

if len(mac) < 15 or mac[1].lower() == '2' or mac[1].lower() == '6' or mac[1].lower() == 'a' or mac[1].lower() == 'e':

make it look like this:

if len(mac) < 15 or mac[1].lower() == '2' or mac[1].lower() == '6' or mac[1].lower() == 'e':

Note however, that if you are going to scan multiple VMs, they may have their MACs duplicated - private MACs are not guaranteed to be unique and indeed sometimes they very much are NOT unique. So the scanner will end up overwriting records in Asset Tracker. To prevent that, you will need to configure your VMs so that they have unique MACs

Ah, I thought all the python scripts were compiled bytecode. I can certainly change this. I see the need to ignore private MACs if indexing is done from them. Thanks for the great response time one this! I will make sure all my VM MACS are unique before deploying this site-wide.

No problem, we are here to help.

By the way - you may find it more convenient to use our support Jira if you have any more questions - the address is https://jira.spartez.com/. Or, you can simply write an email to support@spartez.com - it will land in Jira also. This will give you the fastest of our support channels.

Good to know. Thank you.

This widget could not be displayed.

And another question: are you scanning a Mac or a Linux computer? 

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

165 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you