-- *********************************************************************
-- CISCO-SECURE-SHELL-MIB.my: Cisco Secure Shell Mib
--
-- October 2002, Charuhas Ghatge
-- April 2004, Dipesh Gorashia
--
-- Copyright (c) 2002, 2003, 2004 by cisco Systems, Inc.
-- All rights reserved.
--
-- *********************************************************************CISCO-SECURE-SHELL-MIB DEFINITIONS::=BEGINIMPORTSMODULE-IDENTITY,OBJECT-TYPE,Integer32,Unsigned32FROM SNMPv2-SMI
MODULE-COMPLIANCE,OBJECT-GROUPFROM SNMPv2-CONF
RowStatus,TimeStamp,DisplayString,TruthValue,TEXTUAL-CONVENTIONFROM SNMPv2-TC
SnmpAdminStringFROM SNMP-FRAMEWORK-MIB
InetAddressType,InetAddressFROM INET-ADDRESS-MIB
ciscoMgmt FROM CISCO-SMI;ciscoSecureShellMIB MODULE-IDENTITYLAST-UPDATED"200506010000Z"ORGANIZATION"Cisco Systems, Inc."CONTACT-INFO"Cisco Systems
Postal: 170 W Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553 -NETS
E-mail: cs-san@cisco.com,
cs-lan-switch-snmp@cisco.com"DESCRIPTION"MIB module for displaying and configuring
accounting and Secure Shell (SSH) related
features in a device.
SSH is a program to log into another computer over
a network, to execute commands in a remote machine
and to move files from one machine to another. It
provides strong authentication and secure communications
over unsecure channels.
For more information on SSH, please refer to IETF draft,
draft-ietf-tls-ssh-00.txt."REVISION"200506010000Z"DESCRIPTION"Added cssKeyGenerationStatus"REVISION"200404050000Z"DESCRIPTION"Added cssServiceModeCfgGroup and cssSessionInfoGroup
to the MIB module."REVISION"200309180000Z"DESCRIPTION"Added cssKeyString object to the cssKeyTable.
Changed the description of cssServiceActivation"REVISION"200210050000Z"DESCRIPTION"Initial version of this MIB module."::={ ciscoMgmt 339}ciscoSecureShellMIBObjects
OBJECTIDENTIFIER::={ ciscoSecureShellMIB 1}cssConfiguration
OBJECTIDENTIFIER::={ ciscoSecureShellMIBObjects 1}cssSessionInfo
OBJECTIDENTIFIER::={ ciscoSecureShellMIBObjects 2}CssVersions ::=TEXTUAL-CONVENTIONSTATUScurrent
DESCRIPTION"An indication of the Secure Shell protocol versions
supported or enabled on the device."SYNTAXBITS{v1(0),-- ssh v1v2(1)-- ssh v2}-- The SSH Configuration groupcssServiceActivation OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Enables or disables the Secure Shell (SSH) service on
the device.
"DEFVAL{ false }::={ cssConfiguration 1}cssKeyTable OBJECT-TYPESYNTAXSEQUENCEOF CssKeyEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"cssKeyTable is a table that lets the user configure
the SSH keys"::={ cssConfiguration 2}cssKeyEntry OBJECT-TYPESYNTAX CssKeyEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"A SSH key table entry. The index specifies which
protocol the user wants to generate the key for.
To create the key for a protocol (for the first time),
following steps are to be taken by the Network
Management System.
1. Choose the Protocol, by specifying the cssKeyIndex
2. Choose nbits, by specifying the cssKeyNBits value
3. cssKeyRowStatus as createAndGo (4)
To delete the key for a protocol, following steps
are to be taken by the Network Management System
1. Choose the Protocol, by specifying the cssKeyIndex
2. cssKeyRowStatus as destroy (6)
To overwrite the existing key for a protocol
1. Choose the Protocol, by specifying the cssKeyIndex
2. Choose the nbits, by specifying the cssKeyNBits value
3. cssKeyOverWrite as true(1)."INDEX{ cssKeyIndex }::={ cssKeyTable 1}
CssKeyEntry ::=SEQUENCE{
cssKeyIndex INTEGER,
cssKeyNBits Integer32,
cssKeyOverWrite TruthValue,
cssKeyLastCreationTime TimeStamp,
cssKeyRowStatus RowStatus,
cssKeyString DisplayString}cssKeyIndex OBJECT-TYPESYNTAXINTEGER{rsa(1),rsa1(2),dsa(3)
}MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The SSH Protocol Identifier for which this entry
pertains to. The protocol can be rsa1, dsa or rsa.
rsa - A public-key cryptosystem defined by Rivest,
Shamir and Adleman. This is used with version 2
of the SSH.
rsa1 - Same as rsa, but this is used with version 1 of
the SSH.
dsa - Digital Signature Algorithm, a public key
cipher used to generate digital signatures."::={ cssKeyEntry 1}cssKeyNBits OBJECT-TYPESYNTAXInteger32(512..2048)MAX-ACCESSread-createSTATUScurrentDESCRIPTION"The number of bits provided to generate the key.
This determines the length of the kestring
generated by the SSH.
This object cannot be modified while this row is
active, unless the associated cssKeyOverWrite
object is set to True in the same Set PDU."::={ cssKeyEntry 2}cssKeyOverWrite OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-createSTATUScurrentDESCRIPTION"This object specifies whether an existing key for
the protocol should be overwritten with a new key.
No action is taken if this object is set to 'false'.
The value of this object when read is always 'false'."::={ cssKeyEntry 3}cssKeyLastCreationTime OBJECT-TYPESYNTAXTimeStampMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The time of the last creation of the key."::={ cssKeyEntry 4}cssKeyRowStatus OBJECT-TYPESYNTAXRowStatusMAX-ACCESSread-createSTATUScurrentDESCRIPTION"Status of this row."::={ cssKeyEntry 5}cssKeyString OBJECT-TYPESYNTAXDisplayString(SIZE(0..255))MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The SSH public key string that is generated."::={ cssKeyEntry 6}cssServiceCapability OBJECT-TYPESYNTAX CssVersions
MAX-ACCESSread-onlySTATUScurrent
DESCRIPTION"The object indicates which versions of Secure Shell protocol
are supported by the device.
If the bit 'v1' is set to 1, it indicates that the device
supports SSH protocol version 1.
If the bit 'v2' is set to 1, it indicates that the device
supports SSH protocol version 2."::={ cssConfiguration 3}cssServiceMode OBJECT-TYPESYNTAX CssVersions
MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"This object specifies which versions of Secure Shell
protocol connections that device will accept from
Secure Shell clients.
If the bit 'v1' is set to 1, the device will accept
SSH version 1 connections.
If the bit 'v2' is set to 1, the device will accept
SSH version 2 connections.
At least one of the version bits must be set to 1."::={ cssConfiguration 4}cssKeyGenerationStatus OBJECT-TYPESYNTAXINTEGER{inProgress(1),successful(2),failed(3)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"This object specifies the status of the last key
generation request."::={ cssConfiguration 5}
cssSessionTable OBJECT-TYPESYNTAXSEQUENCEOF CssSessionEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Table to list detailed information about existing
Secure Shell sessions on the device."::={ cssSessionInfo 1}cssSessionEntry OBJECT-TYPESYNTAX CssSessionEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry in the cssSessionTable, that provides
detailed information about all the existing SSH sessions on
the device.
An entry will be created for every SSH session established
on the device. The entry will be removed upon termination
of the SSH session."INDEX{ cssSessionID }::={ cssSessionTable 1}
CssSessionEntry ::=SEQUENCE{
cssSessionID Unsigned32,
cssSessionVersion INTEGER,
cssSessionState INTEGER,
cssSessionPID Unsigned32,
cssSessionUserID SnmpAdminString,
cssSessionHostAddrType InetAddressType,
cssSessionHostAddr InetAddress
}cssSessionID OBJECT-TYPESYNTAXUnsigned32MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An arbitrary index that uniquely identifies a Secure Shell
Session"::={ cssSessionEntry 1}cssSessionVersion OBJECT-TYPESYNTAXINTEGER{ one(1),two(2)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The object indicates the version of Secure Shell used by
this session."::={ cssSessionEntry 2}cssSessionState OBJECT-TYPESYNTAXINTEGER{ sshSessionVersionOk(1),sshSessionKeysExchanged(2),sshSessionAuthenticated(3),sshSessionOpen(4),sshSessionDisconnecting(5),sshSessionDisconnected(6),
sshSessionClosed(7)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The object indicates the current state of Secure Shell
Session.
The state sshSessionVersionOk(1) indicates that server and
client versions of SSH are exchanged and are compatible.
The state sshSessionKeysExchanged(2) indicates that key
exchange has been completed.
The state sshSessionAuthenticated(3) indicates that the
client has been successfully authenticated.
The state sshSessionOpen(4) indicates that the session has
been successfully opened.
The state sshSessionDisconnecting(5) indicates that the
session disconnection has begun.
The state sshSessionDisconnected(6) indicates that the
session has been disconnected.
The state sshSessionClosed(7) indicates that the session
has closed."::={ cssSessionEntry 3}cssSessionPID OBJECT-TYPESYNTAXUnsigned32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The object indicates the process ID of the process
serving this SSH session on the device."::={ cssSessionEntry 4}cssSessionUserID OBJECT-TYPESYNTAXSnmpAdminStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION
"The object indicates user name associated with this
SSH session."::={ cssSessionEntry 5}cssSessionHostAddrType OBJECT-TYPESYNTAXInetAddressTypeMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"This object describes the type of Internet address used
by host associated with this SSH session."::={ cssSessionEntry 6}cssSessionHostAddr OBJECT-TYPESYNTAXInetAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The object indicates the Internet address of the host
associated with this SSH session."::={ cssSessionEntry 7}-- ConformanceciscoSecureShellMIBConformance
OBJECTIDENTIFIER::={ ciscoSecureShellMIB 2}ciscoSecureShellMIBCompliances
OBJECTIDENTIFIER::={ ciscoSecureShellMIBConformance 1}ciscoSecureShellMIBGroups
OBJECTIDENTIFIER::={ ciscoSecureShellMIBConformance 2}ciscoSecureShellMIBCompliance MODULE-COMPLIANCESTATUSdeprecated
DESCRIPTION"The compliance statement for entities which
implement the CISCO-SECURE-SHELL-MIB."MODULEMANDATORY-GROUPS{
cssConfigurationGroup
}OBJECT cssKeyRowStatus
SYNTAXINTEGER{
active(1),
createAndGo(4),
destroy(6)}DESCRIPTION"Only 'createAndGo', 'destroy' and 'active' need to
be supported. notInService, notReady and createAndWait
will not be supported."::={ ciscoSecureShellMIBCompliances 1}ciscoSecureShellMIBComplianceRv1 MODULE-COMPLIANCESTATUSdeprecatedDESCRIPTION"The compliance statement for entities which
implement the CISCO-SECURITY-MIB."MODULEMANDATORY-GROUPS{
cssConfigurationGroupRev1
}OBJECT cssKeyRowStatus
SYNTAXINTEGER{
active(1),
createAndGo(4),
destroy(6)}DESCRIPTION"Only 'createAndGo', 'destroy' and 'active' need to
be supported. notInService, notReady and createAndWait
will not be supported."::={ ciscoSecureShellMIBCompliances 2}ciscoSecureShellMIBComplianceRv2 MODULE-COMPLIANCESTATUSdeprecated-- superceeded by-- ciscoSecureShellMIBComplianceRv3DESCRIPTION"The compliance statement for entities which
implement the CISCO-SECURE-SHELL-MIB."MODULEMANDATORY-GROUPS{
cssConfigurationGroupRev1
}OBJECT cssKeyRowStatus
SYNTAXINTEGER{
active(1),
createAndGo(4),
destroy(6)}DESCRIPTION"Only 'createAndGo', 'destroy' and 'active' need to
be supported. notInService, notReady and createAndWait
will not be supported."GROUP cssServiceModeCfgGroup
DESCRIPTION"Implementation of this group is optional."GROUP cssSessionInfoGroup
DESCRIPTION"Implementation of this group is optional."::={ ciscoSecureShellMIBCompliances 3}ciscoSecureShellMIBComplianceRv3 MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for entities which
implement the CISCO-SECURE-SHELL-MIB."MODULEMANDATORY-GROUPS{
cssConfigurationGroupRev1,
cssConfigurationGroupSupp1
}OBJECT cssKeyRowStatus
SYNTAXINTEGER{
active(1),
createAndGo(4),
destroy(6)}DESCRIPTION"Only 'createAndGo', 'destroy' and 'active' need to
be supported. notInService, notReady and createAndWait
will not be supported."GROUP cssServiceModeCfgGroup
DESCRIPTION"Implementation of this group is optional."GROUP cssSessionInfoGroup
DESCRIPTION"Implementation of this group is optional."::={ ciscoSecureShellMIBCompliances 4}-- Units of ConformancecssConfigurationGroup OBJECT-GROUPOBJECTS{
cssServiceActivation,
cssKeyNBits,
cssKeyOverWrite,
cssKeyLastCreationTime,
cssKeyRowStatus
}STATUSdeprecatedDESCRIPTION"A collection of objects for SSH configuration."
::={ ciscoSecureShellMIBGroups 1}cssConfigurationGroupRev1 OBJECT-GROUPOBJECTS{
cssServiceActivation,
cssKeyNBits,
cssKeyOverWrite,
cssKeyLastCreationTime,
cssKeyString,
cssKeyRowStatus
}STATUScurrentDESCRIPTION"A collection of objects for SSH configuration."::={ ciscoSecureShellMIBGroups 2}cssServiceModeCfgGroup OBJECT-GROUPOBJECTS{
cssServiceCapability,
cssServiceMode
}STATUScurrentDESCRIPTION"A collection of objects for SSH mode configuration."::={ ciscoSecureShellMIBGroups 3}cssSessionInfoGroup OBJECT-GROUPOBJECTS{
cssSessionVersion,
cssSessionState,
cssSessionPID,
cssSessionUserID,
cssSessionHostAddrType,
cssSessionHostAddr
}STATUScurrentDESCRIPTION"A collection of objects to display SSH
session related information."::={ ciscoSecureShellMIBGroups 4}cssConfigurationGroupSupp1 OBJECT-GROUPOBJECTS{
cssKeyGenerationStatus
}STATUScurrentDESCRIPTION"A collection of objects for SSH configuration."::={ ciscoSecureShellMIBGroups 5}END