--MibName=raisecomSsh -- ======================================================================= -- SSH MIB -- -- Version 1.0 Created at Sep 10, 2007 by LIQIONG -- -- -- -- Copyright(c) 2002-2005 by RAISECOM TECH, Ltd. -- ======================================================================= RAISECOM-SSH-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, OBJECT-IDENTITY, IpAddress FROM SNMPv2-SMI TruthValue, RowStatus FROM SNMPv2-TC EnableVar FROM SWITCH-TC raisecomAgent FROM RAISECOM-BASE-MIB; raisecomSsh MODULE-IDENTITY LAST-UPDATED "200009210000Z" -- 21 September 2000 ORGANIZATION "raisecom" CONTACT-INFO "raisecom" DESCRIPTION "" ::= { raisecomAgent 15 } raisecomSshObjects OBJECT IDENTIFIER ::= { raisecomSsh 1 } raisecomSshTraps OBJECT IDENTIFIER ::= { raisecomSsh 2 } -- raisecomSshSvrConfiguration group raisecomSshSvrConfiguration OBJECT IDENTIFIER ::= { raisecomSshObjects 1 } sshServerVersion OBJECT-TYPE SYNTAX INTEGER { ssh-1(1), ssh-2(2), both(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the Secure Shell server working version. In another words, it specifies which versions of Secure Shell protocol connections that device will accept from Secure Shell clients." DEFVAL { 3 } ::= { raisecomSshSvrConfiguration 1 } sshServerAuthenTimeout OBJECT-TYPE SYNTAX INTEGER (100..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies time limit client takes to pass server authentication. The server will disconnect the client that can't pass authentication in the time this object specifies since its first request." DEFVAL { 600 } ::= { raisecomSshSvrConfiguration 2 } sshServerAuthenRetries OBJECT-TYPE SYNTAX INTEGER (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies time limit client takes to pass server authentication. The server will disconnect the client that can't pass authentication in the time this object specifies since its first request." DEFVAL { 20 } ::= { raisecomSshSvrConfiguration 3 } sshServerHostKeyName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..16)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the name of host key server uses." ::= { raisecomSshSvrConfiguration 4 } sshServerEnable OBJECT-TYPE SYNTAX EnableVar MAX-ACCESS read-write STATUS current DESCRIPTION "Enables or disables the Secure Shell (SSH) server on the device." ::= { raisecomSshSvrConfiguration 5 } sshServerAuthenType OBJECT-TYPE SYNTAX INTEGER{ none(1), public_key(2), pass_word(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the way client takes to pass server authentication." ::= { raisecomSshSvrConfiguration 6 } sshServerPort OBJECT-TYPE SYNTAX INTEGER (1..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the listen port of ssh server." DEFVAL { 22 } ::= { raisecomSshSvrConfiguration 7 } --raisecomSshKeyPairMgnt raisecomSshKeyPairMgnt OBJECT IDENTIFIER ::= { raisecomSshObjects 2 } sshKeyPairGenerationStatus OBJECT-TYPE SYNTAX INTEGER { keyGenerationSuccess(1), keyGenerationInProgress(2), keyGenerationInvalidName(3), keyGenerationInvalidModulus(4), keyGenerationKeyExist(5), keyGenerationNumLimit(6), keyGenerationKeySavingError(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the status of key generation. The keyGenerationSuccess indicates that key generation succeeded. The keyGenerationInvalidName indicates that the sshKeyPairName is invalid. The keyGenerationInvalidModulus indicates that the sshKeyPairModulusSz is invalid. The keyGenerationKeyPairExist indicates that there's key with the same name. The keyGenerationKeySavingError indicates that saving key failed. The keyGenerationNumLimit indicates that the number of keys reaches to limit. The keyGenerationInProgress indicates that the key is being generated." ::= { raisecomSshKeyPairMgnt 1 } sshKeyPairTable OBJECT-TYPE SYNTAX SEQUENCE OF SshKeyPairEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "" ::= { raisecomSshKeyPairMgnt 2 } sshKeyPairEntry OBJECT-TYPE SYNTAX SshKeyPairEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "" INDEX { sshKeyPairName } ::= { sshKeyPairTable 1 } SshKeyPairEntry ::= SEQUENCE { sshKeyPairName OCTET STRING, sshKeyPairType INTEGER, sshKeyPairModulusSz INTEGER, sshKeyPairComment OCTET STRING, sshKeyPairTrapOnComplete TruthValue, sshKeyPairPubData OCTET STRING, sshKeyPairStatus RowStatus } sshKeyPairName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..16)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object specifies the key unique name which used by server to determine host key." ::= { sshKeyPairEntry 1 } sshKeyPairType OBJECT-TYPE SYNTAX INTEGER { rsa(1), dsa(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Key type which specifies the generation algorithm." ::= { sshKeyPairEntry 2 } sshKeyPairModulusSz OBJECT-TYPE SYNTAX INTEGER (512..2048) MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies modulus size used to generate key. " DEFVAL { 512 } ::= { sshKeyPairEntry 3 } sshKeyPairComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "Comment for this key." ::= { sshKeyPairEntry 4 } sshKeyPairTrapOnComplete OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies whether the device should send a trap or not when finishing key generation." ::= { sshKeyPairEntry 5 } sshKeyPairPubData OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Public key data of the key in the file format defined in RFC 4716." ::= { sshKeyPairEntry 6 } sshKeyPairStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object only includes three valid values: createAndGo, notInService, active and destroy. It will be set to notInService when generation is being process and active when generation succeed, otherwise the associated row will be removed." ::= { sshKeyPairEntry 7 } -- raisecomSshSessionInfo group raisecomSshSessionInfo OBJECT IDENTIFIER ::= { raisecomSshObjects 3 } sshSessionTable OBJECT-TYPE SYNTAX SEQUENCE OF SshSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "" ::= { raisecomSshSessionInfo 1 } sshSessionEntry OBJECT-TYPE SYNTAX SshSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "" INDEX { sshSessionId } ::= { sshSessionTable 1 } SshSessionEntry ::= SEQUENCE { sshSessionId Gauge, sshSessionVersion INTEGER, sshSessionState INTEGER, sshSessionUserId OCTET STRING, sshSessionHostAddr IpAddress, sshSessionInEncrypt OCTET STRING, sshSessionOutEncrypt OCTET STRING, sshSessionInHmac OCTET STRING, sshSessionOutHmac OCTET STRING, sshSessionConnectTime OCTET STRING, sshSessionEnable EnableVar } sshSessionId OBJECT-TYPE SYNTAX Gauge MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary index that uniquely identifies a Secure Shell Session, but not the session ID generated resulting from key exchange." ::= { sshSessionEntry 1 } sshSessionVersion OBJECT-TYPE SYNTAX INTEGER{ ssh-1(1), ssh-2(2)} MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the SSH version used by this session." ::= { sshSessionEntry 2 } sshSessionState OBJECT-TYPE SYNTAX INTEGER{ sessionVersionOk(1), sessionKeysExchanged(2), sessionAuthenticated(3), sessionOpen(4), sessionDisconnecting(5), sessionDisconnected(6), sessionClosed(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the current state of Secure Shell Session. The state sessionVersionOk(1) indicates that server and client versions of SSH are exchanged and are compatible. The state sessionKeysExchanged(2) indicates that key exchange has been completed. The state sessionAuthenticated(3) indicates that the client has been successfully authenticated. The state sessionOpen(4) indicates that the session has been successfully opened. The state sessionDisconnecting(5) indicates that the session disconnection has begun. The state sessionDisconnected(6)indicates that the session has been disconnected. The state sessionClosed(7) indicates that the session has closed." ::= { sshSessionEntry 3 } sshSessionUserId OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates user name associated with this session." ::= { sshSessionEntry 4 } sshSessionHostAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates IP address of host associated with this session." ::= { sshSessionEntry 5 } sshSessionInEncrypt OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the ingress encryption algorithm of this session." ::= { sshSessionEntry 6 } sshSessionOutEncrypt OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the egress encryption algorithm of this session. If the session version is SSH-1, it is always the same as sshSessionInEncrypt." ::= { sshSessionEntry 7 } sshSessionInHmac OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the ingress HMAC algorithm used in this session." ::= { sshSessionEntry 8 } sshSessionOutHmac OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the egress HMAC algorithm used in this session." ::= { sshSessionEntry 9 } sshSessionConnectTime OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..65535)) MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the time of this session has been connected." ::= { sshSessionEntry 10 } sshSessionEnable OBJECT-TYPE SYNTAX EnableVar MAX-ACCESS read-write STATUS current DESCRIPTION "Enables or disables this session." ::= { sshSessionEntry 11 } --traps sshKeyPairGenerationCompletion NOTIFICATION-GROUP NOTIFICATIONS { sshKeyPairGenerationStatus, sshKeyPairName } STATUS current DESCRIPTION "Key pair generation is completed. " ::= { raisecomSshTraps 1 } END