Skip to content
This repository has been archived by the owner on Feb 16, 2021. It is now read-only.

SSH Scan Infrastructure Basics

Jump to bottom
Jonathan Claudius edited this page Jun 26, 2018 · 3 revisions

This wiki page can be used to TLDR someone who doesn't yet understand or has forgotten how the SSH Scan infrastructure works and it's various components.

High Level Components

  • SSH Scan: ssh_scan is the core scanning engine and command-line binary to run ssh scans. In an SSH Scan infrastructure, it is used by worker nodes to actually perform the scan. This can be deployed as source, a Ruby gem, or a docker image.

  • SSH Scan API: ssh_scan_api is the web api that users interact with when they want to drive scans. It has simple API routes to task scans, check their status, retreive scan results, and check the overall system health. This is component also serves as the sole communicator with the official backend data store (which is postgres). This can be deployed as source, a Ruby gem, or a docker image. This is also the only component users interact with directly. An infrastructure can have 1 or many of these deployed to meet scale needs, though it's recommended to start with 1.

  • SSH Scan Worker: ssh_scan_worker is a back-end node that pulls work from ssh_scan_api's queued scans, performs the scan by wrapping ssh_scan, and posts the results back to the ssh_scan_api. This can be deployed as source, a Ruby gem, or a docker image. An infrastructure can have 1 or many of these deployed to meet scale needs, though it's recommended to have more than one per infra.

Clone this wiki locally