XEDIA-SSHD-MIB
File:
XEDIA-SSHD-MIB.mib (24924 bytes)
Imported modules
Imported symbols
Defined Types
XsshdSessionEntry |
|
SEQUENCE |
|
|
|
|
xsshdSessionIndex |
INTEGER |
|
|
xsshdSessionRemoteIpAddress |
IpAddress |
|
|
xsshdSessionRemoteNode |
DisplayString |
|
|
xsshdSessionRemoteUser |
DisplayString |
|
|
xsshdSessionNegotiation |
DisplayString |
|
|
xsshdSessionTime |
TimeTicks |
|
|
xsshdSessionUiBytesIn |
Counter32 |
|
|
xsshdSessionUiBytesOut |
Counter32 |
|
|
xsshdSessionRowStatus |
INTEGER |
|
XsshdClientKeyEntry |
|
SEQUENCE |
|
|
|
|
xsshdClientKeyIpAddress |
IpAddress |
|
|
xsshdClientKeyUser |
DisplayString |
|
|
xsshdClientKeyData |
LongDisplayString |
|
|
xsshdClientKeyRowStatus |
RowStatus |
|
Defined Values
xediaSshDMIB |
1.3.6.1.4.1.838.3.35 |
This module defines Secure Shell Daemon configuration and
statistics for Xedia AP devices. |
MODULE-IDENTITY |
|
|
|
xsshdCfgAdminStatus |
1.3.6.1.4.1.838.3.35.1.1.1.1 |
The administrative status of Secure Shell in the router.
The value of:
'enabled' - indicates that the ssh daemon will process
requests from clients. If there are enough
node resources, and the host/user pass authentication,
then the user will be allowed to log into the CL.I
'disable' - indicates that the ssh daemon will not
process requests from clients. Existing sessions
will not be torn down.
'testing' - will process requests from clients, and periodically
output a test pattern if the client is authenticated.
'disabledDown' - indicates that the ssh daemon will not process requests
from clients, and, at system initialization, the ssh
daemon will NOT be started. This can be used to free
up node resources if ssh is not going to be used.
Existing sessions will not be torn down.
The ssh daemon can only be started at intialization time. So, if it was
set to 'disabledDown' and the daemon never started, a full node boot will
be required to enable the ssh daemon. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2), testing(3), disabledDown(4) |
|
xsshdCfgListenPort |
1.3.6.1.4.1.838.3.35.1.1.1.2 |
The tcp port number that will be used to listen for requests.
Changing this parameter will require a node boot to take affect. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
1..65535 |
|
xsshdCfgKeyName |
1.3.6.1.4.1.838.3.35.1.1.1.3 |
The name of the PKI key-pair that is configured in the box
for use by SSH. It SHOULD be a DSA formatted key. If this
index is left blank, the first available key will be used. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdCfgMaxSessions |
1.3.6.1.4.1.838.3.35.1.1.1.4 |
The maximum number of SSH sessions allowed at one time. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
1..9 |
|
xsshdCfgSessionEvents |
1.3.6.1.4.1.838.3.35.1.1.1.5 |
The overall control of session event generation that is used
in conjuction with the normal system event filters. If the session
flag is 'disabled' no session events will be sent. If the
flag is 'enabled' the normal event filter mechanisms will
still be used to customize input/output of the events. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
xsshdCfgUserAuthControl |
1.3.6.1.4.1.838.3.35.1.1.1.6 |
The method of authentication for users. If 'password' is used,
then the user will be looked up and authenticated using the
general 'authentication user table'. If 'publicKey' is used, then
the client/user public key will be looked up in the SSH Client-Key table. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
none(1), passwordUserTable(2), publicKey(3), publicKeyORpassword(4) |
|
xsshdCfgHostAuthControl |
1.3.6.1.4.1.838.3.35.1.1.1.7 |
The method of authentication for client machines. If 'list' is
used, then the client address is validated against the
accept/deny list of clients. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
none(1), hostList(2) |
|
xsshdCfgEncryptionControl |
1.3.6.1.4.1.838.3.35.1.1.1.8 |
This object controls the ciphers that are allowed to be used
during negotiation with a client. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
BIT STRING |
none(0), des(1), des3(2) |
|
xsshdCfgMacControl |
1.3.6.1.4.1.838.3.35.1.1.1.9 |
This object controls the hmac algorithms are allowed to be used
during negotiation with a client. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
BIT STRING |
none(0), sha(1), sha96(2), md5(3), md596(4) |
|
xsshdCfgCompressionControl |
1.3.6.1.4.1.838.3.35.1.1.1.10 |
The methods of compression that can be negotiated. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
BIT STRING |
none(0), zlib(1) |
|
xsshdCfgPasswordRetry |
1.3.6.1.4.1.838.3.35.1.1.1.11 |
The number of times a user can re-enter a password before
the user is considered to be invalid. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..10 |
|
xsshdCfgAuthGraceTime |
1.3.6.1.4.1.838.3.35.1.1.1.12 |
The total number of seconds allowd for host/user authentication. In most
cases only a few seconds is needed. But, in the case of user/password
authentication, the user may 'stall' the session by not supplying
a password in a timely manner. This object roughly defines the
number of seconds to wait for the entire authentication process
to complete. It is NOT an exact number of seconds. The authentication
status is checked as a background task (specific timer interval) for
each session thread. Therefore, it MAY take a few seconds beyond
the configured value for the connection to be terminated. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
10..600 |
|
xsshdCfgIdleTimeOut |
1.3.6.1.4.1.838.3.35.1.1.1.13 |
The number of minutes without any user input, that is
allowed, before disconnecting a session. Setting this value
to zero disables the idle-timeout feature. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..1440 |
|
xsshdCfgHostAcceptList |
1.3.6.1.4.1.838.3.35.1.1.1.14 |
The list of clients that are allowed to connect to the
server. This list is only used if the host control
is set.
The list can be made up of individual addresses separated or
address ranges, with each component being separated by a comma.
ie '1.2.3.4, 1.2.5.0-1.2.5.30' |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdCfgHostDenyList |
1.3.6.1.4.1.838.3.35.1.1.1.15 |
The list of clients that are not allowed to connect to the
server. This list is only used if the host control
is set.
The list can be made up of individual addresses separated or
address ranges, with each component being separated by a comma.
ie '1.2.3.4, 1.2.5.0-1.2.5.30' |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdCfgDbgTraceLevel |
1.3.6.1.4.1.838.3.35.1.1.1.16 |
The numeric value that is used to apply 'trace-levels' of the
debug events. It's intended to be used by Xedia Support
only when normal events and statistics are not able to
provide enough information to properly debug problems
in the field. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
xsshdCfgPresentedKeyTypes |
1.3.6.1.4.1.838.3.35.1.1.1.17 |
This object controls which ssh key types will be presented
to the client during negotiation. Since 'dsa' support is
mandatiory, and 'rsa' support is optional, the administrator
will have some control over what is presented to the clients.
If 'dsa' is chosen, only 'ssh-dss' will be presented to the
client for negotiation. If 'dsaAndRsa' is selected, both
formats will be presented to the client 'ssh-rsa,ssh-dss'.
But, when 'dsaAllowRsa' is used, ssh-rsa will only be
presented to the client when the ssh daemon is using an
rsa formatted key. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
dsa(1), dsaAndRsa(2), dsaAllowRsa(3) |
|
xsshdOperStatus |
1.3.6.1.4.1.838.3.35.1.1.2.1 |
The operational status of Secure Shell in the router. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
upEnable(1), upDisable(2), upTesting(3), notRunning(4) |
|
xsshdOperCiphers |
1.3.6.1.4.1.838.3.35.1.1.2.3 |
The list of Ciphers that can be negotiated base on
what functions are available with the current version of software. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdOperMacs |
1.3.6.1.4.1.838.3.35.1.1.2.5 |
The list of MAC algorithms that can be negotiated based on
what functions are available with the current version of software. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdOperCompressions |
1.3.6.1.4.1.838.3.35.1.1.2.7 |
The list of Compression algorithms that can be negotiated based on
what functions are available with the current version of software. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdOperHostAcceptList |
1.3.6.1.4.1.838.3.35.1.1.2.8 |
The operational list of clients that are allowed to connect to the
server. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdOperHostDenyList |
1.3.6.1.4.1.838.3.35.1.1.2.9 |
The operational list of clients that are not allowed to connect to the
server. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|
xsshdStatsSessionSuccessCount |
1.3.6.1.4.1.838.3.35.1.1.3.3 |
The total number of SSH sessions that were able to
to obtain all necessary resources, and authenticate
the user and host. (basically, allowed to initiate
a CLI session) |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
xsshdStatsSessionResourceFails |
1.3.6.1.4.1.838.3.35.1.1.3.5 |
The number of session resource failures. This statistic
is incremented for memory and system resource failures as
well as when the maximum number of SSH sessions prohibits
a session from being established. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
xsshdSessionEntry |
1.3.6.1.4.1.838.3.35.1.2.1.1.1 |
An entry containing information about an SSH session |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
XsshdSessionEntry |
|
|
xsshdSessionIndex |
1.3.6.1.4.1.838.3.35.1.2.1.1.1.1 |
The index of the session. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
1..10 |
|
xsshdSessionTime |
1.3.6.1.4.1.838.3.35.1.2.1.1.1.6 |
The number of 1/100 seconds that the session has been connected. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TimeTicks |
|
|
xsshdSessionUiBytesIn |
1.3.6.1.4.1.838.3.35.1.2.1.1.1.7 |
The number of data bytes passed to the internal user interface
up from the Secure Shell layer. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
xsshdSessionUiBytesOut |
1.3.6.1.4.1.838.3.35.1.2.1.1.1.8 |
The number of data bytes passed from the internal user interface
down to the Secure Shell layer. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
xsshdSessionRowStatus |
1.3.6.1.4.1.838.3.35.1.2.1.1.1.9 |
The status of the entry. The only operations that are allowed
are 'active' and 'destroy'. Existing sessions can be set to
'active' which causes no change. And, existing sessions can
be set to 'destroy' to abort the particular session. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
active(1), destroy(6) |
|
xsshdClientKeyEntry |
1.3.6.1.4.1.838.3.35.1.3.2.1.1 |
An entry containing information about an SSH session |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
XsshdClientKeyEntry |
|
|
xsshdClientKeyIpAddress |
1.3.6.1.4.1.838.3.35.1.3.2.1.1.1 |
The ip address of the client associated with the key entry. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
xsshdClientKeyUser |
1.3.6.1.4.1.838.3.35.1.3.2.1.1.2 |
The name of the user associated with the key entry. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(1..32) |
|
xsshdCompliance |
1.3.6.1.4.1.838.3.35.2.1.1 |
The compliance statement for all agents that support this
MIB. A compliant agent implements all objects defined in this
MIB. |
Status: current |
Access: read-create |
MODULE-COMPLIANCE |
|
|
|
xsshdAllGroup |
1.3.6.1.4.1.838.3.35.2.2.1 |
The set of all accessible objects in this MIB. |
Status: current |
Access: read-create |
OBJECT-GROUP |
|
|
|