18.1. SSH resource

18.1. SSH resource
	Chapter 18. SSH - Secure SHell

The Abilis CPX SSH resource includes:

a ssh client: it processes create the login request and provide the connection establishment with the remote unit;
a ssh server: it processes are hosted on the remote system and provide the login service to the request of the clients.

	Tip
	Interesting chapter: Section 18.3, “SSH commands”.

18.1.1. Activating the SSH resource

Add the resource to the Abilis system with the following command:

[11:09:16] ABILIS_CPX:a res:ssh

RES:SSH ALREADY EXISTS

The SSH resource may already exist in the system, but may not yet be active: set it active with the command:

[11:09:21] ABILIS_CPX:s act res:ssh

COMMAND EXECUTED

	Caution
	After adding or setting the SSH active, you must restart the Abilis to make the resource running (use the command warm start to reboot the Abilis).

18.1.2. SSH resource parameters

The following command displays the parameters of the resource. The d p ssh ? command displays the meaning of each parameter.

[11:09:25] ABILIS_CPX:d p ssh

RES:Ssh -----------------------------------------------------------------------
Run    DESCR:Secure_Shell_Protocol
       LOG:NO                 MCAU:NO                ps:128
       KEEPALIVE:30           LOGIN-TOUT:60
       WDIR:C:\APP\SSH\
       - Server ---------------------------------------------------------------
       PSER:SSHS>             ser:3                  tcp-locport:22
       AC:YES                 PWD:****************   DT:15
       CDO:00                 UDO:CP                 PROFILE:NORMAL
       IPSRC:*                IPSRCLIST:#                     MAXAUTH:6
       KEYLEN:768             KEYREGENT:60           HOSTKEYLEN:1024
       S-VER:1,2              S-AUTH-1:PWD           S-AUTH-2:PWD
       S-CIPHERS-1:ALL
       S-CIPHERS-2:ALL
       - Client ---------------------------------------------------------------
       PCLI:SSHC>             cli:3                  MAXPROMPT:3
       CDI:*                  UDI:*
       C-VER:1,2              C-AUTH-1:PWD           C-AUTH-2:PWD
       C-CIPHERS-1:ALL                                    DFT-CIPHER-1:3DES
       C-CIPHERS-2:ALL                                    DFT-CIPHER-2:3DES

Meaning of the most important parameters:

LOG: Logging functionalities activation/deactivation.
KEEPALIVE: Activates and sets the value of the “keep-alive” time-out; the “keep-alive” procedure, by sending the simple packets, keeps the TCP connection “alive” even if any data is not exchanged.
WDIR: Directory where HOST and SERVER keys are stored.
PSER: The prompt of the commands interpreter of the Server SSH resource.
ser: Number of Server processes allowed on the SSH resource.
AC: Auto-connection mode for the SSH Server; the default value is YES. The SSH Server automatically generates a connection request, using information configured in CDO and UDO parameters, whenever it receives a login request from a Client SSH process.
PWD: SSH Server password, which is asked for the connection.
DT: Idle time interval after which the connection is closed (in minutes).
CDO: Called address field of the SSH Server outgoing call. The parameter's default value (CDO:00), along with AC setting to YES, allows to connect to the Control port.
UDO: User data field of the SSH Server outgoing call. The parameter's default value (CDO:CP), along with AC setting to YES, allows to connect to the Control port.
IPSRC: IP address of enabled source SSH Client systems.
IPSRCLIST: List of IP addresses of enabled SSH Client systems.
MAXAUTH: Maximum number of authentication attempts for a SSH Client.
KEYLEN: SSH Server RSA key length (in bits).
KEYREGENT: SSH Server RSA key regeneration time (in minutes).
HOSTKEYLEN: The host RSA key length (in bits).
S-CIPHERS: Cryptographic algorithms supported by the SSH Server [ALL, IDEA, DES, 3DES, BF].
S-AUTH: Authentication method supported by the SSH Server [NO, PWD].
PCLI: The prompt of the commands interpreter of the Client SSH resource.
cli: Number of Client processes on the SSH resource.
CDI: Called address field of the SSH Client incoming call.
UDI: User data field of the SSH Client incoming call.
DFT-CIPHER: Default cipher type of SSH Client [IDEA, DES, 3DES, BF, AUTO].
MAXPROMPT: Maximum number of unsuccessful inputs of password for the SSH client.
C-CIPHERS: Cryptographic algorithms supported by the SSH Client [ALL, IDEA, DES, 3DES, BF].
C-AUTH: Authentication method supported by the SSH Client [NO, PWD].

The following command allows the administrator to change the configuration of the resource:

s p ssh parameter:value...

	Caution
	To activate the changes made on the upper case parameters, execute the initialization command init res:ssh; while to set act the changes made on the lowercase parameters a save conf and an Abilis restart are required (i.e. with warm start command).


Chapter 18. SSH - Secure SHell		18.2. SSH diagnostics and statistics