From 98a672123c7872f6b9b75a9a2b6bb3aea504de6a Mon Sep 17 00:00:00 2001
From: David Leutgeb
Date: Tue, 5 Dec 2023 12:25:34 +0100
Subject: Initial commit
---
MIBS/radlan/RADLAN-SSH-MIB | 589 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 589 insertions(+)
create mode 100644 MIBS/radlan/RADLAN-SSH-MIB
(limited to 'MIBS/radlan/RADLAN-SSH-MIB')
diff --git a/MIBS/radlan/RADLAN-SSH-MIB b/MIBS/radlan/RADLAN-SSH-MIB
new file mode 100644
index 0000000..8cb55ce
--- /dev/null
+++ b/MIBS/radlan/RADLAN-SSH-MIB
@@ -0,0 +1,589 @@
+RADLAN-SSH-MIB DEFINITIONS ::= BEGIN
+
+-- Title: RADLAN PHY MIB
+-- Version: 7.30
+-- Date: 13 Jan 2003
+--
+IMPORTS
+ OBJECT-TYPE, MODULE-IDENTITY,
+ Unsigned32, IpAddress FROM SNMPv2-SMI
+ TEXTUAL-CONVENTION, DisplayString, RowStatus
+ FROM SNMPv2-TC
+ rnd FROM RADLAN-MIB;
+
+
+ rlSsh MODULE-IDENTITY
+ LAST-UPDATED "200209300024Z" -- September 30, 2002
+ ORGANIZATION "Radlan Computer Communication Ltd."
+ CONTACT-INFO
+ "radlan.com"
+ DESCRIPTION
+ "The MIB module describes the private MIB for SSH supported
+ by Radlan's software and products."
+ REVISION "200301030024Z" -- January 04, 2003
+ DESCRIPTION
+ "The second revision"
+ REVISION "200309210024Z" -- September 21, 2003
+ DESCRIPTION
+ "Editorial changes."
+ ::= { rnd 78 }
+
+--
+-- Textual Conventions
+--
+RlSshPublicKeyAlgorithm ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "This textual convention describes the various possible public key
+ algorithms. The key algorithm is used to select the PK to be generated
+ and is also used when viewing the public keys."
+
+ SYNTAX INTEGER {
+ rsa1(0),
+ rsa(1),
+ dsa(2),
+ none(999)
+ }
+
+RlSshPublicKeyDigestFormat ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "This textual convention describes the format used to display the public
+ key fingerprint. The hex format is the format used by PGP and OpenSSH.
+ The bubble-babble format is used by SSH.com software."
+
+ SYNTAX INTEGER {
+ hex(0),
+ bubbleBabble(1)
+ }
+
+rlSshMibVersion OBJECT-TYPE
+ SYNTAX INTEGER
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The MIB version. The current version is 2"
+ ::= { rlSsh 1 }
+
+--
+-- Server tables
+--
+rlSshServer OBJECT IDENTIFIER ::= { rlSsh 2 }
+
+--
+-- Host Public Key Table
+--
+rlSshServerHostPublicKeyTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF RlSshServerHostPublicKeyTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table contains the router's public key. Each row in this table
+ contains a fragment of the key, in printable binhex format. There may
+ be up to 160 characters in every fragment, and they are all combined
+ to form one key. The key is generated by writing to
+ rlSshServerRegenerateHostKey. To cause clients to connect to this router
+ without printing warning messages (and also prevent active
+ man-in-the-middle), the router's public key must printed out and inserted
+ into the client's authorized_keys file"
+ ::= { rlSshServer 1 }
+
+rlSshServerHostPublicKeyTableEntry OBJECT-TYPE
+ SYNTAX RlSshServerHostPublicKeyTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ " The row definition for this table."
+ INDEX { rlSshServerHostPublicKeyAlgorithm, rlSshServerHostPublicKeyFragmentId }
+ ::= { rlSshServerHostPublicKeyTable 1 }
+
+RlSshServerHostPublicKeyTableEntry ::= SEQUENCE {
+ rlSshServerHostPublicKeyAlgorithm RlSshPublicKeyAlgorithm,
+ rlSshServerHostPublicKeyFragmentId Unsigned32,
+ rlSshServerHostPublicKeyFragmentText DisplayString
+}
+
+rlSshServerHostPublicKeyAlgorithm OBJECT-TYPE
+ SYNTAX RlSshPublicKeyAlgorithm
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the type of public key to be displayed."
+ ::= { rlSshServerHostPublicKeyTableEntry 1 }
+
+rlSshServerHostPublicKeyFragmentId OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the index of this fragment in the final key. All segments must
+ be combined to form one big key."
+ ::= { rlSshServerHostPublicKeyTableEntry 2 }
+
+rlSshServerHostPublicKeyFragmentText OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A part of the readable text entry for the server's public authorzation key."
+ ::= { rlSshServerHostPublicKeyTableEntry 3 }
+
+--
+-- Host Public Key Fingerprint Table
+--
+rlSshServerHostPublicKeyFingerprintTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF RlSshServerHostPublicKeyFingerprintTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table contains the fingerprint for the router's public key."
+ ::= { rlSshServer 2 }
+
+rlSshServerHostPublicKeyFingerprintTableEntry OBJECT-TYPE
+ SYNTAX RlSshServerHostPublicKeyFingerprintTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ " The row definition for this table."
+ INDEX { rlSshServerHostPublicKeyFingerprintAlgorithm, rlSshServerHostPublicKeyFingerprintDigestFormat }
+ ::= { rlSshServerHostPublicKeyFingerprintTable 1 }
+
+RlSshServerHostPublicKeyFingerprintTableEntry ::= SEQUENCE {
+ rlSshServerHostPublicKeyFingerprintAlgorithm RlSshPublicKeyAlgorithm,
+ rlSshServerHostPublicKeyFingerprintDigestFormat RlSshPublicKeyDigestFormat,
+ rlSshServerHostPublicKeyFingerprint DisplayString
+}
+
+rlSshServerHostPublicKeyFingerprintAlgorithm OBJECT-TYPE
+ SYNTAX RlSshPublicKeyAlgorithm
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the type of public key to be displayed."
+ ::= { rlSshServerHostPublicKeyFingerprintTableEntry 1 }
+
+rlSshServerHostPublicKeyFingerprintDigestFormat OBJECT-TYPE
+ SYNTAX RlSshPublicKeyDigestFormat
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Format of the digest to be displayed (OpenSSH or SSH.com)."
+ ::= { rlSshServerHostPublicKeyFingerprintTableEntry 2 }
+
+rlSshServerHostPublicKeyFingerprint OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SECSH format fingerprint of the server's public key. To prevent man in
+ the middle attacks, users should make sure the ssh Server's fingerprint,
+ as printed in the connection process, is similar to the one printed here."
+ ::= { rlSshServerHostPublicKeyFingerprintTableEntry 3 }
+
+
+--
+-- Authorized Key Table
+--
+rlSshServerAuthorizedUsersPublicKeyTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF RlSshServerAuthorizedUsersPublicKeyTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table contains public keys for all users who are authorized to access
+ the router. For a user to be able to log in using SSH, the user name must
+ appear in this table, and the user's public key must match the one found
+ here."
+ ::= { rlSshServer 3 }
+
+rlSshServerAuthorizedUsersPublicKeyTableEntry OBJECT-TYPE
+ SYNTAX RlSshServerAuthorizedUsersPublicKeyTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ " The row definition for this table."
+ INDEX { rlSshServerAuthorizedUserName,
+ rlSshServerAuthorizedUserPublicKeyFragmentId }
+ ::= { rlSshServerAuthorizedUsersPublicKeyTable 1 }
+
+RlSshServerAuthorizedUsersPublicKeyTableEntry ::= SEQUENCE {
+ rlSshServerAuthorizedUserName DisplayString,
+ rlSshServerAuthorizedUserPublicKeyFragmentId Unsigned32,
+ rlSshServerAuthorizedUserPublicKeyFragmentText DisplayString,
+ rlSshServerAuthorizedUserPublicKeyFragmentStatus RowStatus
+}
+
+rlSshServerAuthorizedUserName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(1..48))
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Name of the user who owns this public key. Both the user name and the
+ key bytes must match before a user is authenticated using this key."
+ ::= { rlSshServerAuthorizedUsersPublicKeyTableEntry 1 }
+
+rlSshServerAuthorizedUserPublicKeyFragmentId OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Identifies the index of this fragment in the final key. All segments must
+ be combined to form one big key."
+ ::= { rlSshServerAuthorizedUsersPublicKeyTableEntry 2 }
+
+rlSshServerAuthorizedUserPublicKeyFragmentText OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "A part of the readable text entry for the user's public authorzation key."
+ ::= { rlSshServerAuthorizedUsersPublicKeyTableEntry 3 }
+
+rlSshServerAuthorizedUserPublicKeyFragmentStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Create or delete a fragment of the user's public key.
+ A user is deleted if it has no remaining fragments."
+ ::= { rlSshServerAuthorizedUsersPublicKeyTableEntry 4 }
+
+--
+-- New 01-01-03: Authorized user fingerprint table.
+--
+rlSshServerAuthorizedUsersPublicKeyFingerprintTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF RlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table contains the fingerprints of the public keys for all users who
+ are authorized to access the router.
+ To prevent man in the middle attacks, users should make sure the
+ user's fingerprint, as printed in the connection process, is similar
+ to the one printed here."
+ ::= { rlSshServer 5 }
+
+rlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry OBJECT-TYPE
+ SYNTAX RlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ " The row definition for this table."
+ INDEX { rlSshServerAuthorizedUserFingerprintName,
+ rlSshServerAuthorizedUserPublicKeyFingerprintDigestFormat }
+ ::= { rlSshServerAuthorizedUsersPublicKeyFingerprintTable 1 }
+
+RlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry ::= SEQUENCE {
+ rlSshServerAuthorizedUserFingerprintName DisplayString,
+ rlSshServerAuthorizedUserPublicKeyFingerprintDigestFormat RlSshPublicKeyDigestFormat,
+ rlSshServerAuthorizedUserPublicKeyFingerprintAlgorithm RlSshPublicKeyAlgorithm,
+ rlSshServerAuthorizedUserPublicKeyFingerprint DisplayString
+}
+
+rlSshServerAuthorizedUserFingerprintName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(1..48))
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Name of the user who owns this public key. Both the user name and the
+ key bytes must match before a user is authenticated using this key."
+ ::= { rlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry 1 }
+
+rlSshServerAuthorizedUserPublicKeyFingerprintAlgorithm OBJECT-TYPE
+ SYNTAX RlSshPublicKeyAlgorithm
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the type of public key to be displayed."
+ ::= { rlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry 2 }
+
+rlSshServerAuthorizedUserPublicKeyFingerprintDigestFormat OBJECT-TYPE
+ SYNTAX RlSshPublicKeyDigestFormat
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Format of the digest to be displayed (OpenSSH or SSH.com)."
+ ::= { rlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry 3 }
+
+rlSshServerAuthorizedUserPublicKeyFingerprint OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SECSH format fingerprint of the user's public key. To prevent man in
+ the middle attacks, users should make sure their ssh fingerprint,
+ as printed in the connection process, is similar to the one printed here."
+ ::= { rlSshServerAuthorizedUsersPublicKeyFingerprintTableEntry 4 }
+
+
+--
+-- Session Table
+--
+rlSshServerSessionTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF RlSshServerSessionTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each row in this table corresponds to an active SSH session with
+ the server"
+ ::= { rlSshServer 6 }
+
+rlSshServerSessionTableEntry OBJECT-TYPE
+ SYNTAX RlSshServerSessionTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ " The row definition for this table."
+ INDEX { rlSshServerSessionIdentifier }
+ ::= { rlSshServerSessionTable 1 }
+
+RlSshServerSessionTableEntry ::= SEQUENCE {
+ rlSshServerSessionIdentifier Unsigned32,
+ rlSshServerSessionPeerAddress IpAddress,
+ rlSshServerSessionPeerPort Unsigned32,
+ rlSshServerSessionUsername DisplayString,
+ rlSshServerSessionPeerVersion DisplayString,
+ rlSshServerSessionCipher DisplayString,
+ rlSshServerSessionHMAC DisplayString
+}
+
+rlSshServerSessionIdentifier OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the connection to which this row corresponds."
+ ::= { rlSshServerSessionTableEntry 1 }
+
+rlSshServerSessionPeerAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The network address of the remote host connected to the server."
+ ::= { rlSshServerSessionTableEntry 2 }
+
+rlSshServerSessionPeerPort OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The source network port of the remote host connected to the server."
+ ::= { rlSshServerSessionTableEntry 3 }
+
+rlSshServerSessionPeerVersion OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The client version of the remote host connected to the server."
+ ::= { rlSshServerSessionTableEntry 4 }
+
+rlSshServerSessionUsername OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SSH authenticated name of user connected to the server."
+ ::= { rlSshServerSessionTableEntry 5 }
+
+rlSshServerSessionCipher OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Data encryption cipher used in this connection."
+ ::= { rlSshServerSessionTableEntry 6 }
+
+rlSshServerSessionHMAC OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Message authentication code used in this connection."
+ ::= { rlSshServerSessionTableEntry 7 }
+
+--
+-- SSH Server Scalars
+--
+rlSshServerPort OBJECT-TYPE
+ SYNTAX Unsigned32(1..65535)
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Specifies the TCP port used by the SSH 2 Server to listen for incoming
+ connections."
+ DEFVAL { 22 }
+ ::= { rlSshServer 101 }
+
+rlSshServerEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ enable(1),
+ disable(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Enables listening for incoming SSH2 connections on the port defined in
+ rlSshServerPort."
+ ::= { rlSshServer 102 }
+
+rlSshServerEnablePublicKeyAuthentication OBJECT-TYPE
+ SYNTAX INTEGER {
+ enable(1),
+ disable(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "If PK authentication is enabled, incoming SSH connections are
+ authenticated using public key authentication (using
+ rlSshServerAuthorizedUsersPublicKeyTable), before authenticating using
+ the router's standard AAA. If disabled, SSH connections are only
+ authorized by the router's AAA component."
+ ::= { rlSshServer 103 }
+
+rlSshServerRegenerateHostKey OBJECT-TYPE
+ SYNTAX RlSshPublicKeyAlgorithm
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Setting to a value other than none results in the Server (Host) Key
+ being regenerated. The key size is host-specific."
+ ::= { rlSshServer 104 }
+
+--
+-- SSH Client Scalars
+--
+rlSshClient OBJECT IDENTIFIER ::= { rlSsh 3 }
+
+rlSshClientUserName OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Specifies the default user name the ssh client will use when
+ authenticating to a remote server."
+ ::= { rlSshClient 1 }
+
+rlSshClientRegenerateSelfKey OBJECT-TYPE
+ SYNTAX RlSshPublicKeyAlgorithm
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Setting to a value other than none results in the client self key
+ being regenerated. The key size is host-specific."
+ ::= { rlSshClient 2 }
+
+--
+-- Client Self Public Key Table
+--
+rlSshClientSelfPublicKeyTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF RlSshClientSelfPublicKeyTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table contains the router's client self public key. Each row in
+ this table contains a fragment of the key, in printable binhex format.
+ There may be up to 160 characters in every fragment, and they are all
+ combined to form one key. The key is generated by writing to
+ rlSshClientRegenerateSelfKey. To cause clients to connect to this router
+ without printing warning messages (and also prevent active
+ man-in-the-middle), the router's public key must printed out and
+ inserted into the client's authorized_keys file"
+ ::= { rlSshClient 3 }
+
+rlSshClientSelfPublicKeyTableEntry OBJECT-TYPE
+ SYNTAX RlSshClientSelfPublicKeyTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ " The row definition for this table."
+ INDEX { rlSshClientSelfPublicKeyAlgorithm, rlSshClientSelfPublicKeyFragmentId }
+ ::= { rlSshClientSelfPublicKeyTable 1 }
+
+RlSshClientSelfPublicKeyTableEntry ::= SEQUENCE {
+ rlSshClientSelfPublicKeyFragmentId Unsigned32,
+ rlSshClientSelfPublicKeyAlgorithm RlSshPublicKeyAlgorithm,
+ rlSshClientSelfPublicKeyFragmentText DisplayString
+}
+
+rlSshClientSelfPublicKeyFragmentId OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the index of this fragment in the final key. All segments must
+ be combined to form one big key."
+ ::= { rlSshClientSelfPublicKeyTableEntry 1 }
+
+rlSshClientSelfPublicKeyAlgorithm OBJECT-TYPE
+ SYNTAX RlSshPublicKeyAlgorithm
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the type of public key to be displayed."
+ ::= { rlSshClientSelfPublicKeyTableEntry 2 }
+
+rlSshClientSelfPublicKeyFragmentText OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "A part of the readable text entry for the router's client public
+ authorization key."
+ ::= { rlSshClientSelfPublicKeyTableEntry 3 }
+
+--
+-- Client Self Key Fingerprint Table
+--
+rlSshClientSelfPublicKeyFingerprintTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF RlSshClientSelfPublicKeyFingerprintTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table contains the fingerprint for the client's self key. "
+ ::= { rlSshClient 4 }
+
+rlSshClientSelfPublicKeyFingerprintTableEntry OBJECT-TYPE
+ SYNTAX RlSshClientSelfPublicKeyFingerprintTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ " The row definition for this table."
+ INDEX { rlSshClientSelfPublicKeyFingerprintAlgorithm, rlSshClientSelfPublicKeyFingerprintDigestFormat }
+ ::= { rlSshClientSelfPublicKeyFingerprintTable 1 }
+
+RlSshClientSelfPublicKeyFingerprintTableEntry ::= SEQUENCE {
+ rlSshClientSelfPublicKeyFingerprintAlgorithm RlSshPublicKeyAlgorithm,
+ rlSshClientSelfPublicKeyFingerprintDigestFormat RlSshPublicKeyDigestFormat,
+ rlSshClientSelfPublicKeyFingerprint DisplayString
+}
+
+rlSshClientSelfPublicKeyFingerprintAlgorithm OBJECT-TYPE
+ SYNTAX RlSshPublicKeyAlgorithm
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the type of public key to be displayed."
+ ::= { rlSshClientSelfPublicKeyFingerprintTableEntry 1 }
+
+rlSshClientSelfPublicKeyFingerprintDigestFormat OBJECT-TYPE
+ SYNTAX RlSshPublicKeyDigestFormat
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Format of the digest to be displayed (OpenSSH or SSH.com)."
+ ::= { rlSshClientSelfPublicKeyFingerprintTableEntry 2 }
+
+rlSshClientSelfPublicKeyFingerprint OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SECSH format fingerprint of the client's self key. To prevent man in
+ the middle attacks, users should make sure the ssh Server's fingerprint,
+ as printed in the connection process, is similar to the one printed here."
+ ::= { rlSshClientSelfPublicKeyFingerprintTableEntry 3 }
+
+
+END
-- cgit v1.2.3
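Review bot: The authorized-key objects under `rlSshServer 3` (`rlSshServerAuthorizedUserPublicKeyFragmentText` and `rlSshServerAuthorizedUserPublicKeyFragmentStatus`) are `read-write`, and the table description says a matching row is what lets a user log in over SSH, so SNMP write access to this subtree amounts to managing SSH credentials, yet nothing in the module says so. I would add a comment above the Authorized Key Table such as `-- Security: rows here authorize SSH logins; expose write access only through an SNMPv3 authPriv view limited to administrators.` `rlSshClientSelfPublicKeyFragmentText` is also `read-write`, although the other columns of its table and the server host-key counterpart are `read-only` and the description says the key is produced by writing `rlSshClientRegenerateSelfKey`; that looks unintended and is worth confirming against the vendor's current MIB. The fingerprint descriptions ask users to check that the value is "similar" to the one shown, but a fingerprint comparison only helps when the match is exact, and the host-key text points at `authorized_keys` where a client-side known-hosts entry is presumably meant.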