ENTERASYS-SSH-SERVER-MIB: View SNMP OID List / Download MIB

This MIB module defines a portion of the SNMP enterprise MIBs under Enterasys Networks' enterprise OID pertaining to Secure Shell (SSH) system management functionality, specifically for embedded systems. This is a subset of the objects that would be required for a full-featured, host- based implementation. It provides configuration controls for Enterasys Networks' Secure Shell system management -- a feature that enhances system security by authenticating and encrypting the remote system management function.

Controls the operation of the Secure Shell server task on the embedded system. When enabled, the SSH server will accept connection requests and create a secure transport layer on which to transmit system configuration data.

Specifies the filter for event log messages. Valid values are information, warning, and error. The values are defined as follows: none (1) Pass no messages. This is effectively a disable condition for Event Logging. information (2) Pass Informational Level, Warning Level and Error Level messages. warning (3) Pass Warning Level and Error Level messages. error (4) Pass Error Level messages only. Enumeration: 'information': 2, 'none': 1, 'warning': 3, 'error': 4.

Specifies the maximum number of simultaneous connections that the target system supports. This is an implementation restriction.

Specifies the maximum number of simultaneous connections that the server will currently allow. This value must be less than or equal to etsysSshMaxConnections.

Specifies the ciphers to use for encrypting the session. Current enumerated types, DES, 3DES, Blowfish, Arcfour, Twofish, and CAST128 are supported. Special values to this option are any, anystd, that allows only standard (see below) ciphers, and anycipher that allows either any available cipher or excludes non-encrypting cipher mode none but allows all others. anystdcipher is the same as above, but includes only those ciphers mentioned in the IETF-SecSH-draft (excluding 'none'). Enumeration: 'blowfish': 5, 'arcFour': 6, 'anyCipher': 2, 'des': 3, 'aes': 9, 'tripleDes': 4, 'twofish': 7, 'cast128': 8, 'anyStdCipher': 1.

Specifies the MAC (Message Authentication Code) algorithm to use for data integrity verification. Currently enumerated types, hmacSha1, hmacSha1Dash96, hmacMd5, hmacMd5Dash96, hmacRipemd160, and hmacRipemd160Dash96 are supported, of which hmacSha1, hmacSha1Dash96, hmacMd5, and hmacMd5Dash96 are included in all distributions. Special values to this option are anyStdMac, that allows only standard (see below) MACs, and anyMac that allows either any available MAC or excludes none but allows all others. AnyStdMac is the same as above, but includes only those MACs mentioned in the IETF-SecSH-draft (excluding none). Enumeration: 'anyStdMac': 1, 'hmacRipemd160': 7, 'anyMac': 2, 'hmacSha1Dash96': 4, 'hmacMd5Dash96': 6, 'hmacMd5': 5, 'hmacRipemd160Dash96': 8, 'hmacSha1': 3.

Specifies the number of seconds after which the key exchange is done again. A value of 0 (zero) turns re-key requests off. This does not prevent the client from requesting re-keys. Note that not all clients support this function.

Specifies optional additional entropy information that will be merged with the seed for the random number generator.

The server disconnects after this many seconds if the user has not successfully been authenticated and logged in. The range limit is from 1 second to 1 hour.

Specifies the maximum number of minutes before a user is disconnected due to lack of activity. A value of zero means that there is no idle timeout.

Banner message that is displayed at the client before the login.

Causes the host to generate a new private/public host key pair, using the cipher algorithm currently selected in etsysSshAdminKeyType. Note that this can be compute intensive on many platforms. The meaning of the values are as follows: notInitiated (1) On a write, this is a no-operation, on a read, it indicates that no key material generation operation has ever been initiated, at least since the last reset to factory defaults initialization of the managed entity. No key material exists. completed (2) On a write, this is a no-operation, on a read, this indicates that a key pair has been successfully generated. failed (3) On a write, this is a no-operation, on a read, it indicates that the key generation operation has failed. generate (4) On a write, this causes the managed entity to generate a new key pair, on a read, it indicates that the managed entity is still working on creating the new keys. completedPending (5) On a write, this is a no-operation, on a read, this indicates that a key pair has been successfully generated but its use is pending due to another required operation, such as a reboot. Enumeration: 'completedPending': 5, 'failed': 3, 'completed': 2, 'generate': 4, 'notInitiated': 1.

The host's public key, of type etsysSshOperKeyType.

Determines the type of the key pair to be (re)created on the next key (re)creation operation. The etsysSshOperKeyType object returns the type of key that is currently being used by the SSH server. Enumeration: 'rsa1024': 4, 'dsa512': 9, 'dsa768': 1, 'rsa3072': 8, 'dsa2048': 5, 'rsa2048': 6, 'dsa3072': 7, 'rsa512': 10, 'rsa768': 2, 'dsa1024': 3.

Indicates the type of the key pair currently in effect on the managed entity. The value of the etsysSshAdminKeyType object is copied to the etsysSshOperKeyType object upon successful completion of the (re)creation of a key pair. A value of none indicates that due to the failure of the initial key pair generation there is no active key pair. Enumeration: 'rsa1024': 4, 'dsa512': 9, 'dsa768': 1, 'rsa3072': 8, 'dsa2048': 5, 'rsa2048': 6, 'none': 99, 'dsa3072': 7, 'rsa512': 10, 'rsa768': 2, 'dsa1024': 3.

Specifies the number of tries that the user has when attempting to authenticate using password authentication.

This specifies the authentications methods that are allowed. This is an enumerated list currently consisting of the following types: password, publickey. Each specifies an authentication method. With RequiredAuthentications, the administrator can force users to complete several authentications before they are considered authenticated. Enumeration: 'allAuth': 1, 'publickey': 3, 'password': 2.

Related to AllowedAuthentications, this is used to specify what authentication methods the users must complete before continuing. If this value is left zero, it does not mean that no authentications are required. It means that the client can authenticate itself with any of the authentications given in AllowedAuthentications. This parameter has no default. Note: This parameter has to be a subset for AllowedAuthentications. Otherwise, the server denies connection every time. Enumeration: 'publickey': 3, 'password': 2, 'noAuth': 1.

A collection of objects providing basic SSH server configuration on a managed entity.

A collection of objects providing advanced feature support for configuration of the SSH server on the managed entity.

A collection of objects to manage SSH event logs on the managed entity. Conditionally mandatory for all managed entities that implement the event log feature.

The compliance statement for devices that support the Enterasys Secure Shell (SSH) MIB.