Tideway Community Forum

Scan over multiple ssh ports
Posted: 14 April 2008 12:35 PM
Newbie
Total Posts:  30
Joined  2008-03-19

In our environment we have hosts that only accept ssh connections over port 22 and other hosts that only accept traffic over another port. At this moment we have to scan everything twice in order to cover all hosts. First we scan on port 22, then we change the port in the /usr/tideway/.ssh/config and rescan the lot.
It would be nice if we could tell Tideway Foundation to try both ports during a scan.
Another way might be to specify the port for each credential in the credential vault.

 Signature 

“with a hip hop the hippie to the hippie
the hip hip a hop a you dont stop the rockin
to the bang bang boogie say up jump the boogie
to the rhythm of the boogie the beat”

Posted: 17 April 2008 02:28 PM   [ # 1 ]
Administrator
Total Posts:  132
Joined  2008-01-25

Edwin, can you give us some insight into the reasons for running ssh on ports other than 22?

Posted: 17 April 2008 02:53 PM   [ # 2 ]
Newbie
Total Posts:  30
Joined  2008-03-19

It has to do with security (separated public key and password authentication channels) but as you understand, I can’t elaborate too much.

Fact is, though, that we use more than one ssh port. The number of hosts is too high and too dynamic to keep up with in a file. During the test phase we kept all IPs that used the other port in the /usr/tideway/.ssh/config, but this didn’t work out. So now we scan everything twice.

Posted: 18 April 2008 01:24 PM   [ # 3 ]
Administrator
Total Posts:  132
Joined  2008-01-25

Thanks for that, makes sense. I was just wondering how common a scenario that is, as I’ve only ever seen the case of ssh running on a globally different port in the past.

At the minute, when credentials are set you can define the access method we use, but those are essentially just the protocol, and we use the standard ports for that protocol. Potentially one way of solving the problem might be to allow the port to be defined as well as the protocol.
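Added example, not part of the thread and not a Tideway Foundation feature: one way to avoid both the double scan and the hand-maintained file is to generate the per-host `Port` entries for the ssh config by checking which candidate port answers with an SSH identification string. The second port (2222), the host addresses and all function names are assumptions made for this example.

```python
import socket
import sys

# 22 is the standard port; 2222 is a constructed stand-in for the site's second port.
CANDIDATE_PORTS = (22, 2222)


def ssh_port(host, ports=CANDIDATE_PORTS, timeout=3.0):
    """Return the first port on host that answers as an SSH server, else None."""
    for port in ports:
        try:
            with socket.create_connection((host, port), timeout=timeout) as sock:
                sock.settimeout(timeout)
                banner = sock.recv(255)  # first chunk only; enough for the ID line
        except OSError:
            continue  # refused, filtered or timed out: try the next candidate
        # RFC 4253: the server sends a line starting with "SSH-"; other lines
        # may precede it, so check every line that arrived.
        if any(line.startswith(b"SSH-") for line in banner.splitlines()):
            return port
    return None


def render_ssh_config(port_by_host, default_port=22):
    """Build ssh_config stanzas for hosts that listen on a non-default port."""
    stanzas = []
    for host in sorted(port_by_host):
        port = port_by_host[host]
        # Hosts on the default port, or with no SSH at all, need no entry.
        if port is not None and port != default_port:
            stanzas.append(f"Host {host}\n    Port {port}\n")
    return "\n".join(stanzas)


def build_config(hosts, ports=CANDIDATE_PORTS):
    """Probe every host once and return the ssh_config text for the exceptions."""
    return render_ssh_config({host: ssh_port(host, ports) for host in hosts})


if __name__ == "__main__":
    # Usage: python gen_ssh_ports.py 10.0.0.4 10.0.0.5 ... > ssh_port_overrides
    print(build_config(sys.argv[1:]), end="")
```

Because the output only lists hosts that differ from port 22, it can be regenerated before each scan and stays small even when the host population changes often.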