SSH Configuration And Status [OPENAPI_SSH]

Macros
#define	OPEN_SSHD_KEY_DATA_SIZE_MAX   8192 /* L7_SSHD_KEY_DATA_SIZE_MAX */

Enumerations
enum	OPEN_SCP_OPER_t { OPEN_SCP_OPER_NONE = 0, OPEN_SCP_PUSH = 1, OPEN_SCP_PULL = 2 }
enum	OPEN_SSH_KEY_TYPE_t { OPEN_SSH_KEY_TYPE_RSA = 0, OPEN_SSH_KEY_TYPE_DSA = 1, OPEN_SSH_KEY_TYPE_ECDSA = 2 }
	OpEN uses this enumeration to define SSH key types. More...
enum	OPEN_SSH_PROTO_VERSION_t { OPEN_SSH_PROTO_VERSION_1 = 0, OPEN_SSH_PROTO_VERSION_2 = 1, OPEN_SSH_PROTO_VERSION_BOTH = 2 }
	OpEN uses this enumeration to define SSH protocol versions. More...

Functions
open_error_t	openapiScpServerAdminModeGet (openapiClientHandle_t *client_handle, OPEN_CONTROL_t *scpServerAdminMode)
	Get the SCP server admin mode. More...
open_error_t	openapiScpServerAdminModeSet (openapiClientHandle_t *client_handle, OPEN_CONTROL_t scpServerAdminMode)
	Set the SCP server admin mode to initiate file transfer. More...
open_error_t	openapiSSHActiveSessionsGet (openapiClientHandle_t *client_handle, uint32_t *sshActiveSessions)
	Get the active number of SSH sessions. More...
open_error_t	openapiSSHAdminModeGet (openapiClientHandle_t *client_handle, OPEN_CONTROL_t *sshAdminMode)
	Get the admin mode of SSH. More...
open_error_t	openapiSSHAdminModeSet (openapiClientHandle_t *client_handle, OPEN_CONTROL_t sshAdminMode)
	Set the admin mode of SSH. More...
open_error_t	openapiSshdCfgKeyLenGet (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t type, uint32_t *pLength)
	Gets the configured key length of SSH key. More...
open_error_t	openapiSshdKeyDataGet (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t type, open_buffdesc *pkeyData)
	Gets key data for a specific key type. More...
open_error_t	openapiSshdKeyLenGet (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t type, uint32_t *pLength)
	Gets the length of the existing SSH key. More...
open_error_t	openapiSshdKeyLenSet (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t type, uint32_t length)
	Set the length for SSH Key to be generated. More...
open_error_t	openapiSshdPortNumGet (openapiClientHandle_t *client_handle, uint32_t *pPort)
	Gets ssh server port number. More...
open_error_t	openapiSshdPortNumSet (openapiClientHandle_t *client_handle, uint32_t portNum)
	Sets the port number to be used for SSH Server. More...
open_error_t	openapiSshdProtoLevelFlagsGet (openapiClientHandle_t *client_handle, OPEN_BOOL_t *pSshV1Flag, OPEN_BOOL_t *pSshV2Flag)
	Gets ssh version flags. More...
open_error_t	openapiSSHKeyDelete (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t sshKeyType)
	Delete the generated SSH key pairs. More...
open_error_t	openapiSSHKeyGenerate (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t sshKeyType)
	Generate SSH key pairs. More...
open_error_t	openapiSSHKeyStatusGet (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t sshKeyType)
	Check the status of SSH key. More...
open_error_t	openapiSSHMaxSessionsDefaultSet (openapiClientHandle_t *client_handle)
	Set the maximum number of allowed SSH sessions to the default. More...
open_error_t	openapiSSHMaxSessionsGet (openapiClientHandle_t *client_handle, uint32_t *sshMaxSessions)
	Get the maximum number of SSH sessions allowed. More...
open_error_t	openapiSSHMaxSessionsSet (openapiClientHandle_t *client_handle, uint32_t sshMaxSessions)
	Set the maximum number of allowed SSH sessions. More...
open_error_t	openapiSSHProtocolVersionGet (openapiClientHandle_t *client_handle, OPEN_SSH_PROTO_VERSION_t *protoVersion)
	Get the SSH protocol version. More...
open_error_t	openapiSSHProtocolVersionSet (openapiClientHandle_t *client_handle, OPEN_SSH_PROTO_VERSION_t protoVersion)
	Set the SSH protocol version. More...
open_error_t	openapiSSHPubKeyAuthModeGet (openapiClientHandle_t *client_handle, OPEN_CONTROL_t *sshdPubKeyAuthMode)
	Get the admin mode of SSH public key. More...
open_error_t	openapiSSHPubKeyGet (openapiClientHandle_t *client_handle, OPEN_SSH_KEY_TYPE_t sshKeyType, open_buffdesc *userName, open_buffdesc *pubKey)
	Get the SSH public key for specified user. More...
open_error_t	openapiSSHSessionTimeoutGet (openapiClientHandle_t *client_handle, uint32_t *sshSessionTimeout)
	Get the SSH session idle timeout value. More...
open_error_t	openapiSSHSessionTimeoutSet (openapiClientHandle_t *client_handle, uint32_t sshSessionTimeout)
	Set the SSH session idle timeout. More...

Detailed Description

Enumeration Type Documentation

enum OPEN_SSH_KEY_TYPE_t

OpEN uses this enumeration to define SSH key types.

Enumerator
OPEN_SSH_KEY_TYPE_RSA	SSH Key Type RSA.
OPEN_SSH_KEY_TYPE_DSA	SSH Key Type DSA.
OPEN_SSH_KEY_TYPE_ECDSA	SSH Key Type ECDSA.

Definition at line 46 of file openapi_ssh.h.

enum OPEN_SSH_PROTO_VERSION_t

OpEN uses this enumeration to define SSH protocol versions.

Enumerator
OPEN_SSH_PROTO_VERSION_2	SSH Protocol Version 2.
OPEN_SSH_PROTO_VERSION_BOTH	SSH Protocol Version Both (1 and 2) option not supported.

Definition at line 54 of file openapi_ssh.h.

Function Documentation

open_error_t openapiScpServerAdminModeGet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t *	scpServerAdminMode
	)

Get the SCP server admin mode.

Parameters

[in]	client_handle	Client handle from registration API
[out]	scpServerAdminMode	SCP Remote server mode enabled or disabled. Must be one of the following: OPEN_DISABLE or OPEN_ENABLE

Return values

OPEN_E_NONE	if get SCP remote server admin mode status.
OPEN_E_FAIL	if failed to get SCP server admin mode.
OPEN_E_PARAM	if invalid input parameters is passed.

OpEN API Version: 1.14

Examples:

ssh_example.c.

open_error_t openapiScpServerAdminModeSet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t	scpServerAdminMode
	)

Set the SCP server admin mode to initiate file transfer.

Parameters

[in]	client_handle	Client handle from registration API
[in]	scpServerAdminMode	SCP Remote server mode enabled or disabled. Must be one of the following: OPEN_DISABLE or OPEN_ENABLE

Return values

OPEN_E_NONE	if SCP remote server mode status set.
OPEN_E_FAIL	if failed to get SCP server admin mode.
OPEN_E_PARAM	if invalid input parameters is passed.

OpEN API Version: 1.14

Examples:

ssh_example.c.

open_error_t openapiSSHActiveSessionsGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	sshActiveSessions
	)

Get the active number of SSH sessions.

Parameters

[in]	client_handle	Client handle from registration API
[out]	sshActiveSessions	Active SSH sessions

Return values

OPEN_E_NONE	if the number of active SSH sessions is returned.
OPEN_E_FAIL	if failed to get number of active SSH sessions.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHAdminModeGet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t *	sshAdminMode
	)

Get the admin mode of SSH.

Parameters

[in]	client_handle	Client handle from registration API
[out]	sshAdminMode	SSH admin mode. Must be one of the following: OPEN_DISABLE or OPEN_ENABLE

Return values

OPEN_E_NONE	if SSH admin mode is returned.
OPEN_E_FAIL	if failed to return SSH admin mode.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHAdminModeSet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t	sshAdminMode
	)

Set the admin mode of SSH.

Parameters

[in]	client_handle	Client handle from registration API
[in]	sshAdminMode	SSH admin mode. Must be one of the following: OPEN_DISABLE or OPEN_ENABLE

Return values

OPEN_E_NONE	if SSH admin mode is set.
OPEN_E_FAIL	if the RSA and DSA keys are not present.
OPEN_E_PARAM	if invalid parameter is passed.

Note

Calling this API will change the running configuration of the switch.

The API returns OPEN_E_FAIL only for OPEN_ENABLE mode if RSA and DSA keys are not found.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSshdCfgKeyLenGet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	type,
		uint32_t *	pLength
	)

Gets the configured key length of SSH key.

Parameters

[in]	client_handle	client handle from registration API
[in]	type	SSH key type
[out]	pLength	key length

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note

This API fetches SSH key length

OpEN API Version: 1.25

Examples:

ssh_example.c.

open_error_t openapiSshdKeyDataGet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	type,
		open_buffdesc *	pkeyData
	)

Gets key data for a specific key type.

Parameters

[in]	client_handle	client handle from registration API
[in]	type	SSH key type RSA or DSA.
[out]	pkeyData	key data in hex format

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note

This API fetches key data for a specific key

OpEN API Version: 1.25

Examples:

ssh_example.c.

open_error_t openapiSshdKeyLenGet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	type,
		uint32_t *	pLength
	)

Gets the length of the existing SSH key.

Parameters

[in]	client_handle	client handle from registration API
[in]	type	SSH key type
[out]	pLength	key length

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note

This API fetches existing SSH key length

OpEN API Version: 1.25

Examples:

ssh_example.c.

open_error_t openapiSshdKeyLenSet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	type,
		uint32_t	length
	)

Set the length for SSH Key to be generated.

Parameters

[in]	client_handle	client handle from registration API
[in]	type	SSH key type
[in]	length	key length

Return values

OPEN_E_UNAVAIL	parameter not supported.
OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note

This API sets length for SSH Key generation

Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:

ssh_example.c.

open_error_t openapiSshdPortNumGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	pPort
	)

Gets ssh server port number.

Parameters

[in]	client_handle	client handle from registration API
[out]	pPort	telnet access port number

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note

This API fetches ssh server access port number

OpEN API Version: 1.25

Examples:

ssh_example.c.

open_error_t openapiSshdPortNumSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	portNum
	)

Sets the port number to be used for SSH Server.

Parameters

[in]	client_handle	client handle from registration API
[in]	portNum	SSH server port-number

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note

This API sets port number to be used for SSH Server

Calling this API will change the running configuration of the switch.

OpEN API Version: 1.25

Examples:

ssh_example.c.

open_error_t openapiSshdProtoLevelFlagsGet	(	openapiClientHandle_t *	client_handle,
		OPEN_BOOL_t *	pSshV1Flag,
		OPEN_BOOL_t *	pSshV2Flag
	)

Gets ssh version flags.

Parameters

[in]	client_handle	client handle from registration API
[out]	pSshV1Flag	ssh version 1 flag
[out]	pSshV2Flag	ssh version 2 flag

Return values

OPEN_E_NONE	On success.
OPEN_E_FAIL	On failure.
OPEN_E_PARAM	Invalid argument.

Note

This API fetched information of ssh version flags

OpEN API Version: 1.25

Examples:

ssh_example.c.

open_error_t openapiSSHKeyDelete	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	sshKeyType
	)

Delete the generated SSH key pairs.

Parameters

[in]	client_handle	Client handle from registration API
[in]	sshKeyType	SSH key type. Must be one of the following: OPEN_SSH_KEY_TYPE_RSA or OPEN_SSH_KEY_TYPE_DSA

Return values

OPEN_E_NONE	if the generated key is deleted.
OPEN_E_FAIL	if SSH admin mode is enabled.
OPEN_E_PARAM	if invalid parameter is passed.

Note

SSH admin mode must be disabled to delete the keys.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHKeyGenerate	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	sshKeyType
	)

Generate SSH key pairs.

Parameters

[in]	client_handle	Client handle from registration API
[in]	sshKeyType	SSH key type. Must be one of the following: OPEN_SSH_KEY_TYPE_RSA or OPEN_SSH_KEY_TYPE_DSA

Return values

OPEN_E_NONE	if SSH key is generated.
OPEN_E_FAIL	if SSH admin mode is enabled or if key generation is in progress or if failed to generate SSH key.
OPEN_E_PARAM	if invalid parameter is passed.

Note

SSH admin mode must be disabled to regenerate the keys.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHKeyStatusGet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	sshKeyType
	)

Check the status of SSH key.

Parameters

[in]	client_handle	Client handle from registration API
[in]	sshKeyType	SSH key type. Must be one of the following: OPEN_SSH_KEY_TYPE_RSA or OPEN_SSH_KEY_TYPE_DSA

Return values

OPEN_E_NONE	if SSH key exists.
OPEN_E_FAIL	if SSH key generation is in progress.
OPEN_E_NOT_FOUND	if SSH key does not exist.
OPEN_E_INTERNAL	if internal error has occurred.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHMaxSessionsDefaultSet

(

openapiClientHandle_t *

client_handle

)

Set the maximum number of allowed SSH sessions to the default.

Parameters

[in]

client_handle

Client handle from registration API

Return values

OPEN_E_NONE	if maximum number SSH sessions is set to default.
OPEN_E_FAIL	if failed to set maximum SSH sessions to default.
OPEN_E_PARAM	if invalid parameter is passed.

Note

Calling this API will change the running configuration of the switch.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHMaxSessionsGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	sshMaxSessions
	)

Get the maximum number of SSH sessions allowed.

Parameters

[in]	client_handle	Client handle from registration API
[out]	sshMaxSessions	Maximum number of SSH sessions

Return values

OPEN_E_NONE	if maximum number of SSH sessions is returned.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHMaxSessionsSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	sshMaxSessions
	)

Set the maximum number of allowed SSH sessions.

Parameters

[in]	client_handle	Client handle from registration API
[in]	sshMaxSessions	Maximum number of SSH sessions

Return values

OPEN_E_NONE	if maximum number of SSH sessions is set.
OPEN_E_FAIL	if failed to set maximum SSH sessions.
OPEN_E_PARAM	if invalid parameter is passed.

Note

The maximum number of sessions can be obtained by using the OpEN API openapiSSHMaxSessionsGet() function.

Calling this API will change the running configuration of the switch.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHProtocolVersionGet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_PROTO_VERSION_t *	protoVersion
	)

Get the SSH protocol version.

Parameters

[in]	client_handle	Client handle from registration API
[out]	protoVersion	SSH protocol version

Return values

OPEN_E_NONE	if SSH protocol version is returned successfully.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHProtocolVersionSet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_PROTO_VERSION_t	protoVersion
	)

Set the SSH protocol version.

Parameters

[in]	client_handle	Client handle from registration API
[in]	protoVersion	SSH protocol version. Must be set to OPEN_SSH_PROTO_VERSION_2

Return values

OPEN_E_NONE	if SSH protocol version is set.
OPEN_E_FAIL	if failed to set SSH protocol version.
OPEN_E_UNAVAIL	SSH protocol version 1 not supported.
OPEN_E_PARAM	if invalid parameter is passed.

Note

Calling this API will change the running configuration of the switch. Only SSH protocol vesion 2 supported. SSH protocol vesion 1 deprecated by OpenSSH7.5p1 version.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHPubKeyAuthModeGet	(	openapiClientHandle_t *	client_handle,
		OPEN_CONTROL_t *	sshdPubKeyAuthMode
	)

Get the admin mode of SSH public key.

Parameters

[in]	client_handle	Client handle from registration API
[out]	sshdPubKeyAuthMode	SSH public key auth mode. Must be one of the following: OPEN_DISABLE or OPEN_ENABLE

Return values

OPEN_E_NONE	if SSH public key mode is returned.
OPEN_E_FAIL	if failed to return SSH public key mode.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

open_error_t openapiSSHPubKeyGet	(	openapiClientHandle_t *	client_handle,
		OPEN_SSH_KEY_TYPE_t	sshKeyType,
		open_buffdesc *	userName,
		open_buffdesc *	pubKey
	)

Get the SSH public key for specified user.

Parameters

[in]	client_handle	Client handle from registration API
[in]	sshKeyType	SSH key type. Must be one of the following: OPEN_SSH_KEY_TYPE_RSA or OPEN_SSH_KEY_TYPE_DSA
[in]	userName	SSH user name supplied by SSH client
[out]	pubKey	SSH public key

Return values

OPEN_E_NONE	if SSH public key is returned.
OPEN_E_FAIL	if failed to return SSH public key.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

open_error_t openapiSSHSessionTimeoutGet	(	openapiClientHandle_t *	client_handle,
		uint32_t *	sshSessionTimeout
	)

Get the SSH session idle timeout value.

Parameters

[in]	client_handle	Client handle from registration API
[out]	sshSessionTimeout	SSH session idle timeout

Return values

OPEN_E_NONE	if SSH idle session timeout is returned successfully.
OPEN_E_FAIL	if failed to get SSH session idle timeout value.
OPEN_E_PARAM	if invalid parameter is passed.

OpEN API Version: 1.1

Examples:

ssh_example.c.

open_error_t openapiSSHSessionTimeoutSet	(	openapiClientHandle_t *	client_handle,
		uint32_t	sshSessionTimeout
	)

Set the SSH session idle timeout.

Parameters

[in]	client_handle	Client handle from registration API
[in]	sshSessionTimeout	SSH session idle timeout
	-	Maximum value OPENAPI_SSHD_MAX_TIMEOUT

Return values

OPEN_E_NONE	if SSH session idle timeout is set.
OPEN_E_FAIL	if failed to set SSH session idle timeout value.
OPEN_E_PARAM	if invalid parameter is passed.

Note

Setting sshSessionTimeout to 0 indicates the default timeout value.

Calling this API will change the running configuration of the switch.

OpEN API Version: 1.1

Examples:

ssh_example.c.