24.1. SSH resource

The Abilis CPX SSH resource includes:

[Tip]Tip

Interesting chapter: Section 24.3, “SSH commands”.

24.1.1. Activating the SSH resource

Add the resource to the Abilis system with the following command:

[11:09:16] ABILIS_CPX:a res:ssh

RES:SSH ALREADY EXISTS

The SSH resource may already exist in the system, but may not yet be active: set it active with the command:

[11:09:21] ABILIS_CPX:s act res:ssh

COMMAND EXECUTED
[Caution]Caution

After adding or setting the SSH active, you must restart the Abilis to make the resource running (use the command warm start to reboot the Abilis).

24.1.2. SSH resource parameters

The following command displays the parameters of the resource. The d p ssh ? command displays the meaning of each parameter.

[11:09:25] ABILIS_CPX:d p ssh


RES:Ssh -----------------------------------------------------------------------
Run    DESCR:Secure_Shell_Protocol_2
       LOG:DS                 MCAU:NO                ps:512
       KEEPALIVE:30           LOGIN-TOUT:60
       WDIR:C:\APP\SSH\
       - Server ---------------------------------------------------------------
       LOGIN-MODE:LEGACY  <Read Only, from CP>       PWD:****************
       PSER:SSHS>             ser:6                  tcp-locport:22
       AC:CP                  
       DT:15                  PROFILE:NORMAL
       IPSRC:*                IPSRCLIST:#                     
       S-AUTH:PWD                                    MAXAUTH:6
       S-CIPHERS:ALL (AES128-CTR,AES192-CTR,AES256-CTR,AES128-CBC,AES192-CBC,
                      AES256-CBC,3DES,BF,CAST,IDEA)
       - Client ---------------------------------------------------------------
       PCLI:SSHC>             cli:3                  MAXPROMPT:3
       C-AUTH:PWD
       C-CIPHERS:ALL (AES128-CTR,AES192-CTR,AES256-CTR,AES128-CBC,AES192-CBC,
                      AES256-CBC,3DES,BF,CAST,IDEA)
[Important]Important

The SSH PWD is not used in LOGIN-MODE:USERS.

[11:09:25] ABILIS_CPX:d p ssh

RES:Ssh -----------------------------------------------------------------------
Run    DESCR:Secure_Shell_Protocol_2
       LOG:NO                 MCAU:NO                ps:512
       KEEPALIVE:30           LOGIN-TOUT:60
       WDIR:C:\APP\SSH\
       - Server ---------------------------------------------------------------
       LOGIN-MODE:USERS  <Read Only, from CP>        
       PSER:SSHS>             ser:6                  tcp-locport:22
       AC:CP                  
       DT:15                  PROFILE:NORMAL
       IPSRC:*                IPSRCLIST:#                     
       S-AUTH:PWD                                    MAXAUTH:6
       S-CIPHERS:ALL (AES128-CTR,AES192-CTR,AES256-CTR,AES128-CBC,AES192-CBC,
                      AES256-CBC,3DES,BF,CAST,IDEA)
       - Client ---------------------------------------------------------------
       PCLI:SSHC>             cli:3                  MAXPROMPT:3
       C-AUTH:PWD
       C-CIPHERS:ALL (AES128-CTR,AES192-CTR,AES256-CTR,AES128-CBC,AES192-CBC,
                      AES256-CBC,3DES,BF,CAST,IDEA)

The meaning:

LOG

State changes log and alarm generation [NO, D, S, A, L, T, ALL] [+E] (D: Debug Log; S: System Log; A: Alarm view; L: Local audible alarm; T: SNMP traps; +E: Extended Log of state changes, see ref. manual).

MCAU

Force cause 0x00 in clear packets [NO, YES].

ps

Packet size [16..2048 bytes].

KEEPALIVE

Activates and sets the value of the “keep-alive” time-out; the “keep-alive” procedure, by sending the simple packets, keeps the TCP connection “alive” even if any data is not exchanged.

LOGIN-TOUT

Login timeout [10..600 sec.].

WDIR

Directory where HOST and SERVER keys are stored. Full path with drive letter ['C'..'Z'] terminated by '\'. Max 128 chars. Spaces require double quotes (E.g. "C:\My dir\").

LOGIN-MODE

Server log-in mode [LEGACY, USERS].

[Important]Important

Read Only, from CP.

PSER

Prompt of the server [Alphanumeric].

ser

Maximum number of servers [0..255].

tcp-locport

Local TCP port for servers and default remote TCP port for clients [1..65535].

AC

Server auto-connect flag [NO, YES, CP]. The default value is CP.

PWD

Authentication password. Max 32 ASCII characters. Spaces are not allowed. Case-insensitive match.

[Important]Important

Only for LOGIN-MODE:LEGACY.

DT

Inactivity disconnect time-out [0..255 min.].

CDO

Called NUA for outgoing X.25 calls [0..9, #]. The parameter's default value (CDO:00).

[Important]Important

Only for AC:YES.

UDO

User data for outgoing X.25 calls [0..9, a..z, A..Z, #]. The parameter's default value (CDO:CP).

[Important]Important

Only for AC:YES.

PROFILE

X.25 Profile [NORMAL, TRANSPARENT].

IPSRC

Incoming requests: accepted source IP address [*, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x].

IPSRCLIST

Incoming requests: list of further accepted source IP addresses [#, IP/IR/RU/MR listname].

MAXAUTH

Maximum number of authentication attempts for a SSH Client.

S-CIPHERS

Supported ciphers [DFT, ALL, AES128-CTR, AES192-CTR, AES256-CTR, AES128-CBC, AES192-CBC, AES256-CBC, 3DES, BF, CAST, IDEA], values can be joined using ',' (comma).

S-AUTH

Supported authentication methods by SSH2 client [PWD]

PCLI

Prompt of the client.

cli

Maximum number of clients [0..20].

MAXPROMPT

Maximum number of password prompts [1..10].

C-CIPHERS

Supported ciphers [DFT, ALL, AES128-CTR, AES192-CTR, AES256-CTR, AES128-CBC, AES192-CBC, AES256-CBC, 3DES, BF, CAST, IDEA], values can be joined using ',' (comma).

C-AUTH

Supported authentication methods by SSH2 client [PWD].

The following command allows the administrator to change the configuration of the resource:

s p ssh parameter:value...

[Caution]Caution

To activate the changes made on the upper case parameters, execute the initialization command init res:ssh; while to set act the changes made on the lowercase parameters a save conf and an Abilis restart are required (i.e. With warm start command).