Hosts Inventory with BIUL

On the Hosts Inventory page, you can find hosts that are accessible using SSH. Discovered assets are stored as hosts and can also be managed on the Hosts Inventory page.

This stage does not require a credential. It performs a port scan to test for an SSH connection.

Hosts are discovered in parallel batches to avoid saturating the network connection. The default batch size is 20, and it can be changed with the pool settings option.

For more information, see Configure BIUL at https://www.beyondtrust.com/docs/privilege-management/console/beyondinsight-unix-linux/install/configure.htm.

Discover Host Methods

Hosts are discovered through the following methods:

  • Scan for Hosts
  • Import Hosts
  • Scan the Registry Name Service

To access any of these methods, on the Host Inventory page, click the Add Hosts dropdown menu.

While using any of these methods, the grid refreshes automatically every 5 seconds.

Scan for Hosts

IP addresses can be added using one of the following formats:

  • Single IP: To discover a single host, type the IP address. For example, 10.1.100.15.
  • IP Range: Discover any hosts in a range. For example, 10.1.100.15–10.1.100.20.
  • CIDR Notation: Discover hosts in a CIDR block. For example, 10.100.1.10/24.

To manually discover hosts:

  1. Enter the IP addresses using one of the accepted formats.
  2. Enter an SSH port. The value should map to the SSH port for the host provided. If no SSH port is provided, the default port is 22. Each discovery scan uses a single port regardless of the number of machines.

To update the SSH port for the host, navigate to Host Details. The value can then be configured under General > Connection Details.

  3. When discovering a single host, you can enter an SSH fingerprint using SHA-256 format. If the value matches the received fingerprint, the host is automatically accepted. This is optional and only applies when performing single IP discovery.
  4. Check the Automatically accept SSH fingerprints box to accept all SSH fingerprints for discovered hosts. If the host already exists in the system, the SSH fingerprint is ignored.
  5. Click Scan for Host.

Search for non-sequential IP addresses at the same time by entering each IP address before clicking Scan for Host.

Import Hosts

To import hosts, create a CSV file with a host address, port, and SSH fingerprint (optional) per line. Do not use headers in the file.

The contents of a valid file may look like the following:

"10.100.3.6",22,SHA256:HASHED-KEY
"10.100.3.7",22,SHA256:HASHED-KEY
"10.100.3.8",22,SHA256:HASHED-KEY
"10.100.3.9",22,SHA256:HASHED-KEY

The CSV file can contain fingerprints in the SHA-256 format. If the fingerprint matches, the SSH fingerprint is accepted.

To import a CSV file:

  1. On the Host Inventory page, click the targeted area to upload a CSV file in the Import Hosts pane. Alternatively, drag the file into the targeted area.
  2. Check the Automatically accept SSH fingerprints from new hosts box to automatically accept discovered fingerprints.
  3. Locate the CSV file, and then click Open.
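
The following Python script is an added example, not BeyondTrust code. It builds the header-less import file from host public keys collected out of band, so that fingerprints are matched on import instead of being accepted automatically. It assumes the fingerprint column takes the OpenSSH-style string (SHA256: followed by the unpadded base64 digest) and that addresses are IP literals; the function names and sample keys are constructed for illustration.

```python
import base64
import hashlib
import ipaddress
import struct


def fingerprint_of_blob(blob: bytes) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of SHA-256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_of_pubkey_line(line: str) -> str:
    """Fingerprint a '<type> <base64-blob> [comment]' public key line."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("not a public key line")
    key_type = fields[0]
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed copy of the key type; a mismatch
    # means the line was truncated or edited.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    return fingerprint_of_blob(blob)


def build_import_csv(hosts) -> str:
    """hosts: iterable of (address, port, pubkey_line); returns header-less CSV."""
    rows = []
    for address, port, pubkey_line in hosts:
        ipaddress.ip_address(address)  # assumption: IP literals, as in the sample
        if not 1 <= int(port) <= 65535:
            raise ValueError(f"bad port for {address}: {port}")
        rows.append(f'"{address}",{int(port)},{fingerprint_of_pubkey_line(pubkey_line)}')
    return "\n".join(rows) + "\n"


def constructed_ed25519_line(seed: bytes) -> str:
    """Constructed sample: a well-formed ed25519 blob with placeholder key bytes."""
    raw = hashlib.sha256(seed).digest()  # 32 bytes, not a real key
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed-sample"


if __name__ == "__main__":
    sample = [(f"10.100.3.{i}", 22, constructed_ed25519_line(bytes([i]))) for i in (6, 7)]
    print(build_import_csv(sample), end="")
```

In practice the public key lines come from each host's /etc/ssh/ssh_host_*_key.pub, gathered over a trusted channel such as configuration management.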

Scan the Registry Name Service

The Registry Name Service can be scanned in order to discover hosts. This scans the servers listed in Primary Registry Servers for all of the hosts in the network, adding previously unknown hosts to the console as appropriate.

To scan the Registry Name Service:

  1. In the Registry Name Service section, enter an SSH Port. The value should map to the SSH port for the host provided. If no SSH port is provided, the default port is 22. Each discovery scan uses a single port regardless of the number of machines.
  2. Check the Automatically accept SSH fingerprints box to accept all SSH fingerprints for discovered hosts. If the host already exists in the system, the SSH fingerprint is ignored.
  3. Click Scan Registry Name Service.

For more information on the Scan Registry Name Service action, see the Tasks > Task Details page. Any new hosts found will appear on the Hosts > Hosts Inventory page.