19.1. SSH resource

19.1. SSH resource
	Chapter 19. SSH - Secure SHell

The Abilis CPX SSH resource includes:

a ssh client: it processes create the login request and provide the connection establishment with the remote unit;
a ssh server: it processes are hosted on the remote system and provide the login service to the request of the clients.

	Tip
	Interesting chapter: Section 19.3, “SSH commands”.

19.1.1. Activating the SSH resource

Add the resource to the Abilis system with the following command:

[11:09:16] ABILIS_CPX:a res:ssh

RES:SSH ALREADY EXISTS

The SSH resource may already exist in the system, but may not yet be active: set it active with the command:

[11:09:21] ABILIS_CPX:s act res:ssh

COMMAND EXECUTED

	Caution
	After adding or setting the SSH active, you must restart the Abilis to make the resource running (use the command warm start to reboot the Abilis).

19.1.2. SSH resource parameters

The following command displays the parameters of the resource. The d p ssh ? command displays the meaning of each parameter.

[11:09:25] ABILIS_CPX:d p ssh


RES:Ssh -----------------------------------------------------------------------
Run    DESCR:Secure_Shell_Protocol_2
       LOG:NO                 MCAU:NO                ps:128
       KEEPALIVE:30           LOGIN-TOUT:60
       WDIR:C:\APP\SSH\
       - Server ---------------------------------------------------------------
       PSER:SSHS>             ser:3                  tcp-locport:22
       AC:YES                 PWD:****************   DT:15
       CDO:00                 UDO:CP                 PROFILE:NORMAL
       IPSRC:*                IPSRCLIST:#                     
       S-AUTH:PWD                                    MAXAUTH:6
       S-CIPHERS:ALL (3DES,IDEA,CAST,BF,AES128,AES192,AES256)
       - Client ---------------------------------------------------------------
       PCLI:SSHC>             cli:3                  MAXPROMPT:3
       CDI:*                  UDI:*                  
       C-AUTH:PWD
       C-CIPHERS:ALL (3DES,IDEA,CAST,BF,AES128,AES192,AES256)

Meaning of the most important parameters:

LOG: State changes log and alarm generation [NO, D, S, A, L, T, ALL] [+E] (D: Debug Log; S: System Log; A: Alarm view; L: Local audible alarm; T: SNMP traps; +E: Extended Log of state changes, see ref. manual)
KEEPALIVE: Activates and sets the value of the “keep-alive” time-out; the “keep-alive” procedure, by sending the simple packets, keeps the TCP connection “alive” even if any data is not exchanged.
WDIR: Directory where HOST and SERVER keys are stored.
PSER: The prompt of the commands interpreter of the Server SSH resource.
ser: Number of Server processes allowed on the SSH resource.
AC: Auto-connection mode for the SSH Server; the default value is YES. The SSH Server automatically generates a connection request, using information configured in CDO and UDO parameters, whenever it receives a login request from a Client SSH process.
PWD: SSH Server password, which is asked for the connection.
DT: Idle time interval after which the connection is closed (in minutes).
CDO: Called address field of the SSH Server outgoing call. The parameter's default value (CDO:00), along with AC setting to YES, allows to connect to the Control port.
UDO: User data field of the SSH Server outgoing call. The parameter's default value (CDO:CP), along with AC setting to YES, allows to connect to the Control port.
IPSRC: IP address of enabled source SSH Client systems.
IPSRCLIST: List of IP addresses of enabled SSH Client systems.
MAXAUTH: Maximum number of authentication attempts for a SSH Client.
S-CIPHERS: Supported cryptography algorithms by SSH2 server [ALL, 3DES, IDEA, CAST, BF, AES128, AES192, AES256], values can be joined using "," operator
S-AUTH: Supported authentication methods by SSH2 client [PWD]
PCLI: The prompt of the commands interpreter of the Client SSH resource.
cli: Number of Client processes on the SSH resource.
CDI: Called address field of the SSH Client incoming call.
UDI: User data field of the SSH Client incoming call.
MAXPROMPT: Maximum number of unsuccessful inputs of password for the SSH client.
C-CIPHERS: Supported cryptography algorithms by SSH2 server [ALL, 3DES, IDEA, CAST, BF, AES128, AES192, AES256], values can be joined using "," operator
C-AUTH: Supported authentication methods by SSH2 client [PWD]

The following command allows the administrator to change the configuration of the resource:

s p ssh parameter:value...

	Caution
	To activate the changes made on the upper case parameters, execute the initialization command init res:ssh; while to set act the changes made on the lowercase parameters a save conf and an Abilis restart are required (i.e. with warm start command).


Chapter 19. SSH - Secure SHell		19.2. SSH diagnostics and statistics