mirror of
https://github.com/hsnodgrass/snmp_mib_archive.git
synced 2025-04-17 16:03:04 +00:00
577 lines
19 KiB
Plaintext
577 lines
19 KiB
Plaintext
-- *********************************************************************
|
|
-- CISCO-SECURE-SHELL-MIB.my: Cisco Secure Shell Mib
|
|
--
|
|
-- October 2002, Charuhas Ghatge
|
|
-- April 2004, Dipesh Gorashia
|
|
--
|
|
-- Copyright (c) 2002, 2003, 2004 by cisco Systems, Inc.
|
|
-- All rights reserved.
|
|
--
|
|
-- *********************************************************************
|
|
|
|
CISCO-SECURE-SHELL-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE,
|
|
Integer32, Unsigned32 FROM SNMPv2-SMI
|
|
MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
|
|
RowStatus, TimeStamp, DisplayString,
|
|
TruthValue, TEXTUAL-CONVENTION FROM SNMPv2-TC
|
|
SnmpAdminString FROM SNMP-FRAMEWORK-MIB
|
|
InetAddressType, InetAddress FROM INET-ADDRESS-MIB
|
|
ciscoMgmt FROM CISCO-SMI;
|
|
|
|
|
|
ciscoSecureShellMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200506010000Z"
|
|
ORGANIZATION "Cisco Systems, Inc."
|
|
CONTACT-INFO
|
|
"Cisco Systems
|
|
Postal: 170 W Tasman Drive
|
|
San Jose, CA 95134
|
|
USA
|
|
Tel: +1 800 553 -NETS
|
|
E-mail: cs-san@cisco.com,
|
|
cs-lan-switch-snmp@cisco.com"
|
|
DESCRIPTION
|
|
"MIB module for displaying and configuring
|
|
accounting and Secure Shell (SSH) related
|
|
features in a device.
|
|
|
|
SSH is a program to log into another computer over
|
|
a network, to execute commands in a remote machine
|
|
and to move files from one machine to another. It
|
|
provides strong authentication and secure communications
|
|
over unsecure channels.
|
|
|
|
For more information on SSH, please refer to IETF draft,
|
|
draft-ietf-tls-ssh-00.txt."
|
|
|
|
REVISION "200506010000Z"
|
|
DESCRIPTION
|
|
"Added cssKeyGenerationStatus"
|
|
REVISION "200404050000Z"
|
|
DESCRIPTION
|
|
"Added cssServiceModeCfgGroup and cssSessionInfoGroup
|
|
to the MIB module."
|
|
|
|
REVISION "200309180000Z"
|
|
DESCRIPTION
|
|
"Added cssKeyString object to the cssKeyTable.
|
|
Changed the description of cssServiceActivation"
|
|
REVISION "200210050000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
::= { ciscoMgmt 339 }
|
|
|
|
|
|
ciscoSecureShellMIBObjects
|
|
OBJECT IDENTIFIER ::= { ciscoSecureShellMIB 1 }
|
|
|
|
cssConfiguration
|
|
OBJECT IDENTIFIER ::= { ciscoSecureShellMIBObjects 1 }
|
|
|
|
cssSessionInfo
|
|
OBJECT IDENTIFIER ::= { ciscoSecureShellMIBObjects 2 }
|
|
|
|
|
|
CssVersions ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An indication of the Secure Shell protocol versions
|
|
supported or enabled on the device."
|
|
SYNTAX BITS {
|
|
v1(0), -- ssh v1
|
|
v2(1) -- ssh v2
|
|
}
|
|
|
|
-- The SSH Configuration group
|
|
|
|
cssServiceActivation OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enables or disables the Secure Shell (SSH) service on
|
|
the device.
|
|
"
|
|
DEFVAL { false }
|
|
::= { cssConfiguration 1 }
|
|
|
|
cssKeyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CssKeyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"cssKeyTable is a table that lets the user configure
|
|
the SSH keys"
|
|
::= { cssConfiguration 2 }
|
|
|
|
cssKeyEntry OBJECT-TYPE
|
|
SYNTAX CssKeyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A SSH key table entry. The index specifies which
|
|
protocol the user wants to generate the key for.
|
|
|
|
To create the key for a protocol (for the first time),
|
|
following steps are to be taken by the Network
|
|
Management System.
|
|
|
|
1. Choose the Protocol, by specifying the cssKeyIndex
|
|
2. Choose nbits, by specifying the cssKeyNBits value
|
|
3. cssKeyRowStatus as createAndGo (4)
|
|
|
|
To delete the key for a protocol, following steps
|
|
are to be taken by the Network Management System
|
|
|
|
1. Choose the Protocol, by specifying the cssKeyIndex
|
|
2. cssKeyRowStatus as destroy (6)
|
|
|
|
To overwrite the existing key for a protocol
|
|
|
|
1. Choose the Protocol, by specifying the cssKeyIndex
|
|
2. Choose the nbits, by specifying the cssKeyNBits value
|
|
3. cssKeyOverWrite as true(1)."
|
|
INDEX { cssKeyIndex }
|
|
::= { cssKeyTable 1 }
|
|
|
|
CssKeyEntry ::=
|
|
SEQUENCE {
|
|
cssKeyIndex INTEGER,
|
|
cssKeyNBits Integer32,
|
|
cssKeyOverWrite TruthValue,
|
|
cssKeyLastCreationTime TimeStamp,
|
|
cssKeyRowStatus RowStatus,
|
|
cssKeyString DisplayString
|
|
}
|
|
|
|
cssKeyIndex OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
rsa(1),
|
|
rsa1(2),
|
|
dsa(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The SSH Protocol Identifier for which this entry
|
|
pertains to. The protocol can be rsa1, dsa or rsa.
|
|
|
|
rsa - A public-key cryptosystem defined by Rivest,
|
|
Shamir and Adleman. This is used with version 2
|
|
of the SSH.
|
|
|
|
rsa1 - Same as rsa, but this is used with version 1 of
|
|
the SSH.
|
|
|
|
dsa - Digital Signature Algorithm, a public key
|
|
cipher used to generate digital signatures."
|
|
::= { cssKeyEntry 1 }
|
|
|
|
cssKeyNBits OBJECT-TYPE
|
|
SYNTAX Integer32 (512..2048)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bits provided to generate the key.
|
|
This determines the length of the kestring
|
|
generated by the SSH.
|
|
|
|
This object cannot be modified while this row is
|
|
active, unless the associated cssKeyOverWrite
|
|
object is set to True in the same Set PDU."
|
|
::= { cssKeyEntry 2 }
|
|
|
|
cssKeyOverWrite OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies whether an existing key for
|
|
the protocol should be overwritten with a new key.
|
|
No action is taken if this object is set to 'false'.
|
|
The value of this object when read is always 'false'."
|
|
::= { cssKeyEntry 3 }
|
|
|
|
cssKeyLastCreationTime OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time of the last creation of the key."
|
|
::= { cssKeyEntry 4 }
|
|
|
|
cssKeyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Status of this row."
|
|
::= { cssKeyEntry 5 }
|
|
|
|
cssKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The SSH public key string that is generated."
|
|
::= { cssKeyEntry 6 }
|
|
|
|
cssServiceCapability OBJECT-TYPE
|
|
SYNTAX CssVersions
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates which versions of Secure Shell protocol
|
|
are supported by the device.
|
|
|
|
If the bit 'v1' is set to 1, it indicates that the device
|
|
supports SSH protocol version 1.
|
|
|
|
If the bit 'v2' is set to 1, it indicates that the device
|
|
supports SSH protocol version 2."
|
|
::= { cssConfiguration 3 }
|
|
|
|
cssServiceMode OBJECT-TYPE
|
|
SYNTAX CssVersions
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies which versions of Secure Shell
|
|
protocol connections that device will accept from
|
|
Secure Shell clients.
|
|
|
|
If the bit 'v1' is set to 1, the device will accept
|
|
SSH version 1 connections.
|
|
|
|
If the bit 'v2' is set to 1, the device will accept
|
|
SSH version 2 connections.
|
|
|
|
At least one of the version bits must be set to 1."
|
|
::= { cssConfiguration 4 }
|
|
|
|
|
|
cssKeyGenerationStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
inProgress(1),
|
|
successful(2),
|
|
failed(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the status of the last key
|
|
generation request."
|
|
::= { cssConfiguration 5 }
|
|
|
|
|
|
|
|
cssSessionTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CssSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table to list detailed information about existing
|
|
Secure Shell sessions on the device."
|
|
::= { cssSessionInfo 1 }
|
|
|
|
cssSessionEntry OBJECT-TYPE
|
|
SYNTAX CssSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the cssSessionTable, that provides
|
|
detailed information about all the existing SSH sessions on
|
|
the device.
|
|
|
|
An entry will be created for every SSH session established
|
|
on the device. The entry will be removed upon termination
|
|
of the SSH session."
|
|
INDEX { cssSessionID }
|
|
::= { cssSessionTable 1 }
|
|
|
|
CssSessionEntry ::=
|
|
SEQUENCE {
|
|
cssSessionID Unsigned32,
|
|
cssSessionVersion INTEGER,
|
|
cssSessionState INTEGER,
|
|
cssSessionPID Unsigned32,
|
|
cssSessionUserID SnmpAdminString,
|
|
cssSessionHostAddrType InetAddressType,
|
|
cssSessionHostAddr InetAddress
|
|
}
|
|
|
|
cssSessionID OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary index that uniquely identifies a Secure Shell
|
|
Session"
|
|
::= { cssSessionEntry 1 }
|
|
|
|
cssSessionVersion OBJECT-TYPE
|
|
SYNTAX INTEGER { one(1),
|
|
two(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the version of Secure Shell used by
|
|
this session."
|
|
::= { cssSessionEntry 2 }
|
|
|
|
cssSessionState OBJECT-TYPE
|
|
SYNTAX INTEGER { sshSessionVersionOk(1),
|
|
sshSessionKeysExchanged(2),
|
|
sshSessionAuthenticated(3),
|
|
sshSessionOpen(4),
|
|
sshSessionDisconnecting(5),
|
|
sshSessionDisconnected(6),
|
|
sshSessionClosed(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the current state of Secure Shell
|
|
Session.
|
|
|
|
The state sshSessionVersionOk(1) indicates that server and
|
|
client versions of SSH are exchanged and are compatible.
|
|
|
|
The state sshSessionKeysExchanged(2) indicates that key
|
|
exchange has been completed.
|
|
|
|
The state sshSessionAuthenticated(3) indicates that the
|
|
client has been successfully authenticated.
|
|
|
|
The state sshSessionOpen(4) indicates that the session has
|
|
been successfully opened.
|
|
|
|
The state sshSessionDisconnecting(5) indicates that the
|
|
session disconnection has begun.
|
|
|
|
The state sshSessionDisconnected(6) indicates that the
|
|
session has been disconnected.
|
|
|
|
The state sshSessionClosed(7) indicates that the session
|
|
has closed."
|
|
::= { cssSessionEntry 3 }
|
|
|
|
cssSessionPID OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the process ID of the process
|
|
serving this SSH session on the device."
|
|
::= { cssSessionEntry 4 }
|
|
|
|
cssSessionUserID OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates user name associated with this
|
|
SSH session."
|
|
::= { cssSessionEntry 5 }
|
|
|
|
cssSessionHostAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object describes the type of Internet address used
|
|
by host associated with this SSH session."
|
|
::= { cssSessionEntry 6 }
|
|
|
|
cssSessionHostAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the Internet address of the host
|
|
associated with this SSH session."
|
|
::= { cssSessionEntry 7 }
|
|
|
|
|
|
|
|
-- Conformance
|
|
|
|
ciscoSecureShellMIBConformance
|
|
OBJECT IDENTIFIER ::= { ciscoSecureShellMIB 2 }
|
|
|
|
ciscoSecureShellMIBCompliances
|
|
OBJECT IDENTIFIER ::= { ciscoSecureShellMIBConformance 1 }
|
|
|
|
ciscoSecureShellMIBGroups
|
|
OBJECT IDENTIFIER ::= { ciscoSecureShellMIBConformance 2 }
|
|
|
|
|
|
ciscoSecureShellMIBCompliance MODULE-COMPLIANCE
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The compliance statement for entities which
|
|
implement the CISCO-SECURE-SHELL-MIB."
|
|
MODULE MANDATORY-GROUPS {
|
|
cssConfigurationGroup
|
|
}
|
|
|
|
OBJECT cssKeyRowStatus
|
|
SYNTAX INTEGER {
|
|
active(1),
|
|
createAndGo(4),
|
|
destroy(6)}
|
|
DESCRIPTION
|
|
"Only 'createAndGo', 'destroy' and 'active' need to
|
|
be supported. notInService, notReady and createAndWait
|
|
will not be supported."
|
|
::= { ciscoSecureShellMIBCompliances 1 }
|
|
|
|
ciscoSecureShellMIBComplianceRv1 MODULE-COMPLIANCE
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The compliance statement for entities which
|
|
implement the CISCO-SECURITY-MIB."
|
|
MODULE MANDATORY-GROUPS {
|
|
cssConfigurationGroupRev1
|
|
}
|
|
|
|
OBJECT cssKeyRowStatus
|
|
SYNTAX INTEGER {
|
|
active(1),
|
|
createAndGo(4),
|
|
destroy(6)}
|
|
DESCRIPTION
|
|
"Only 'createAndGo', 'destroy' and 'active' need to
|
|
be supported. notInService, notReady and createAndWait
|
|
will not be supported."
|
|
::= { ciscoSecureShellMIBCompliances 2 }
|
|
|
|
|
|
ciscoSecureShellMIBComplianceRv2 MODULE-COMPLIANCE
|
|
STATUS deprecated -- superceeded by
|
|
-- ciscoSecureShellMIBComplianceRv3
|
|
DESCRIPTION
|
|
"The compliance statement for entities which
|
|
implement the CISCO-SECURE-SHELL-MIB."
|
|
MODULE MANDATORY-GROUPS {
|
|
cssConfigurationGroupRev1
|
|
}
|
|
|
|
OBJECT cssKeyRowStatus
|
|
SYNTAX INTEGER {
|
|
active(1),
|
|
createAndGo(4),
|
|
destroy(6)}
|
|
DESCRIPTION
|
|
"Only 'createAndGo', 'destroy' and 'active' need to
|
|
be supported. notInService, notReady and createAndWait
|
|
will not be supported."
|
|
|
|
GROUP cssServiceModeCfgGroup
|
|
DESCRIPTION
|
|
"Implementation of this group is optional."
|
|
|
|
GROUP cssSessionInfoGroup
|
|
DESCRIPTION
|
|
"Implementation of this group is optional."
|
|
::= { ciscoSecureShellMIBCompliances 3 }
|
|
|
|
|
|
ciscoSecureShellMIBComplianceRv3 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for entities which
|
|
implement the CISCO-SECURE-SHELL-MIB."
|
|
MODULE MANDATORY-GROUPS {
|
|
cssConfigurationGroupRev1,
|
|
cssConfigurationGroupSupp1
|
|
}
|
|
|
|
OBJECT cssKeyRowStatus
|
|
SYNTAX INTEGER {
|
|
active(1),
|
|
createAndGo(4),
|
|
destroy(6)}
|
|
DESCRIPTION
|
|
"Only 'createAndGo', 'destroy' and 'active' need to
|
|
be supported. notInService, notReady and createAndWait
|
|
will not be supported."
|
|
|
|
GROUP cssServiceModeCfgGroup
|
|
DESCRIPTION
|
|
"Implementation of this group is optional."
|
|
|
|
GROUP cssSessionInfoGroup
|
|
DESCRIPTION
|
|
"Implementation of this group is optional."
|
|
::= { ciscoSecureShellMIBCompliances 4 }
|
|
|
|
-- Units of Conformance
|
|
|
|
cssConfigurationGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
cssServiceActivation,
|
|
cssKeyNBits,
|
|
cssKeyOverWrite,
|
|
cssKeyLastCreationTime,
|
|
cssKeyRowStatus
|
|
}
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"A collection of objects for SSH configuration."
|
|
::= { ciscoSecureShellMIBGroups 1 }
|
|
|
|
cssConfigurationGroupRev1 OBJECT-GROUP
|
|
OBJECTS {
|
|
cssServiceActivation,
|
|
cssKeyNBits,
|
|
cssKeyOverWrite,
|
|
cssKeyLastCreationTime,
|
|
cssKeyString,
|
|
cssKeyRowStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects for SSH configuration."
|
|
::= { ciscoSecureShellMIBGroups 2 }
|
|
|
|
cssServiceModeCfgGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
cssServiceCapability,
|
|
cssServiceMode
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects for SSH mode configuration."
|
|
::= { ciscoSecureShellMIBGroups 3 }
|
|
|
|
cssSessionInfoGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
cssSessionVersion,
|
|
cssSessionState,
|
|
cssSessionPID,
|
|
cssSessionUserID,
|
|
cssSessionHostAddrType,
|
|
cssSessionHostAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects to display SSH
|
|
session related information."
|
|
::= { ciscoSecureShellMIBGroups 4 }
|
|
|
|
cssConfigurationGroupSupp1 OBJECT-GROUP
|
|
OBJECTS {
|
|
cssKeyGenerationStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects for SSH configuration."
|
|
::= { ciscoSecureShellMIBGroups 5 }
|
|
|
|
END
|