AD | Application | AWS | Azure | Cloud | Database | Enterprise | Environmental | Event Log | File System | IoT | IT Service | Network/System | Infra | Performance | Protocol | SaaS | Security | Service Level | Storage | Linux | VMware | VoIP | Web | Wireless | SNMP

Crumbtrail

MonitorTools.com » Technical documentation » SNMP » MIB » Cisco » CISCO-SECURE-SHELL-MIB

CISCO-SECURE-SHELL-MIB device MIB details by Cisco

CISCO-SECURE-SHELL-MIB file content

The SNMP protocol is used to for conveying information and commands between agents and managing entities. SNMP uses the User Datagram Protocol (UDP) as the transport protocol for passing data between managers and agents. The reasons for using UDP for SNMP are, firstly it has low overheads in comparison to TCP, which uses a 3-way hand shake for connection. Secondly, in congested networks, SNMP over TCP is a bad idea because TCP in order to maintain reliability will flood the network with retransmissions.

Management information (MIB) is represented as a collection of managed objects. These objects together form a virtual information base called MIB. An agent may implement many MIBs, but all agents must implement a particular MIB called MIB-II [16]. This standard defines variables for things such as interface statistics (interface speeds, MTU, octets sent, octets received, etc.) as well as various other things pertaining to the system itself (system location, system contact, etc.). The main goal of MIB-II is to provide general TCP/IP management information.

Use ActiveXperts Network Monitor 2024 to import vendor-specific MIB files, inclusing CISCO-SECURE-SHELL-MIB.


Vendor: Cisco
Mib: CISCO-SECURE-SHELL-MIB  [download]  [view objects]
Tool: ActiveXperts Network Monitor 2024 [download]    (ships with advanced SNMP/MIB tools)
-- *********************************************************************
-- CISCO-SECURE-SHELL-MIB.my: Cisco Secure Shell Mib
--
-- October 2002, Charuhas Ghatge
-- April 2004, Dipesh Gorashia
--
-- Copyright (c) 2002, 2003, 2004 by cisco Systems, Inc.
-- All rights reserved.
--
-- *********************************************************************

CISCO-SECURE-SHELL-MIB DEFINITIONS ::= BEGIN

IMPORTS        
     MODULE-IDENTITY, OBJECT-TYPE,
     Integer32, Unsigned32                  FROM SNMPv2-SMI
     MODULE-COMPLIANCE, OBJECT-GROUP        FROM SNMPv2-CONF
     RowStatus, TimeStamp, DisplayString,
     TruthValue, TEXTUAL-CONVENTION         FROM SNMPv2-TC
     SnmpAdminString                        FROM SNMP-FRAMEWORK-MIB
     InetAddressType, InetAddress           FROM INET-ADDRESS-MIB
     ciscoMgmt                              FROM CISCO-SMI;


ciscoSecureShellMIB MODULE-IDENTITY
        LAST-UPDATED "200404050000Z"
        ORGANIZATION "Cisco Systems, Inc."
        CONTACT-INFO
            "Cisco Systems
             Postal: 170 W Tasman Drive
             San Jose, CA  95134
             USA
             Tel: +1 800 553 -NETS
             E-mail: cs-san@cisco.com,
                     cs-lan-switch-snmp@cisco.com"
        DESCRIPTION
                "MIB module for displaying and configuring 
             accounting and Secure Shell (SSH) related  
             features in a device.

             SSH is a program to log into another computer over
             a network, to execute commands in a remote machine 
             and to move files from one machine to another. It
             provides strong authentication and secure communications
             over unsecure channels.
             
             For more information on SSH, please refer to IETF draft,
             draft-ietf-tls-ssh-00.txt." 

        REVISION   "200404050000Z"
        DESCRIPTION
            "Added cssServiceModeCfgGroup and cssSessionInfoGroup
            to the MIB module."

        REVISION   "200309180000Z"
        DESCRIPTION
            "Added cssKeyString object to the cssKeyTable.
             Changed the description of cssServiceActivation"
        REVISION   "200210050000Z"
        DESCRIPTION
            "Initial version of this MIB module."
        ::= { ciscoMgmt 339 }


ciscoSecureShellMIBObjects
        OBJECT IDENTIFIER ::= { ciscoSecureShellMIB 1 }

cssConfiguration 
        OBJECT IDENTIFIER ::= { ciscoSecureShellMIBObjects 1 }

cssSessionInfo
        OBJECT IDENTIFIER ::= { ciscoSecureShellMIBObjects 2 }


CssVersions ::= TEXTUAL-CONVENTION
   STATUS  current
   DESCRIPTION
           "An indication of the Secure Shell protocol versions 
            supported or enabled on the device."
   SYNTAX BITS {
       v1(0), -- ssh v1 
       v2(1)  -- ssh v2
   }

-- The SSH Configuration group

cssServiceActivation  OBJECT-TYPE
    SYNTAX              TruthValue 
    MAX-ACCESS          read-write
    STATUS              current
    DESCRIPTION   
           "Enables or disables the Secure Shell (SSH) service on 
            the device. 
           "
    DEFVAL { false }
    ::= { cssConfiguration 1 } 

cssKeyTable        OBJECT-TYPE
    SYNTAX         SEQUENCE OF CssKeyEntry
    MAX-ACCESS     not-accessible
    STATUS         current
    DESCRIPTION   
           "cssKeyTable is a table that lets the user configure 
            the SSH keys"
    ::= { cssConfiguration 2 }

cssKeyEntry         OBJECT-TYPE
    SYNTAX          CssKeyEntry
    MAX-ACCESS      not-accessible
    STATUS          current
    DESCRIPTION   
           "A SSH key table entry. The index specifies which
            protocol the user wants to generate the key for.

            To create the key for a protocol (for the first time),  
            following steps are to be taken by the Network 
            Management System.

            1. Choose the Protocol, by specifying the cssKeyIndex
            2. Choose nbits, by specifying the cssKeyNBits value
            3. cssKeyRowStatus as createAndGo (4)

            To delete the key for a protocol, following steps 
            are to be taken by the Network Management System 

            1. Choose the Protocol, by specifying the cssKeyIndex
            2. cssKeyRowStatus as destroy (6)

            To overwrite the existing key for a protocol 

            1. Choose the Protocol, by specifying the cssKeyIndex 
            2. Choose the nbits, by specifying the cssKeyNBits value
            3. cssKeyOverWrite as true(1)."
    INDEX  { cssKeyIndex }
    ::= { cssKeyTable 1 }

CssKeyEntry ::=
        SEQUENCE {                             
                   cssKeyIndex              INTEGER,
                   cssKeyNBits              Integer32,
                   cssKeyOverWrite          TruthValue,
                   cssKeyLastCreationTime   TimeStamp,
                   cssKeyRowStatus          RowStatus,
                   cssKeyString             DisplayString
        }

cssKeyIndex       OBJECT-TYPE
    SYNTAX        INTEGER {
                           rsa(1),
                           rsa1(2),
                           dsa(3)
                  }
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION   
           "The SSH Protocol Identifier for which this entry 
            pertains to. The protocol can be rsa1, dsa or rsa.

            rsa  - A public-key cryptosystem defined by Rivest,
                  Shamir and Adleman. This is used with version 2 
                  of the SSH.

            rsa1 - Same as rsa, but this is used with version 1 of 
                   the SSH.

            dsa  - Digital Signature Algorithm, a public key
                  cipher used to generate digital signatures."
    ::= { cssKeyEntry 1 }

cssKeyNBits       OBJECT-TYPE
    SYNTAX        Integer32 (512..2048)
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION   
           "The number of bits provided to generate the key.
            This determines the length of the kestring
            generated by the SSH.

            This object cannot be modified while this row is
            active, unless the associated cssKeyOverWrite 
            object is set to True in the same Set PDU."
    ::= { cssKeyEntry 2 }

cssKeyOverWrite    OBJECT-TYPE
    SYNTAX         TruthValue
    MAX-ACCESS     read-create
    STATUS         current
    DESCRIPTION
           "This object specifies whether an existing key for 
            the protocol should be overwritten with a new key.
            No action is taken if this object is set to 'false'.
            The value of this object when read is always 'false'."
    ::= { cssKeyEntry 3 }

cssKeyLastCreationTime    OBJECT-TYPE
    SYNTAX                TimeStamp
    MAX-ACCESS            read-only
    STATUS                current
    DESCRIPTION
            "The time of the last creation of the key."
        ::= { cssKeyEntry 4 }

cssKeyRowStatus       OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
               "Status of this row."
        ::= { cssKeyEntry 5 }

cssKeyString              OBJECT-TYPE
    SYNTAX                DisplayString (SIZE (0..255))
    MAX-ACCESS            read-only
    STATUS                current
    DESCRIPTION
            "The SSH public key string that is generated."
        ::= { cssKeyEntry 6 }

cssServiceCapability  OBJECT-TYPE
   SYNTAX               CssVersions 
   MAX-ACCESS           read-only
   STATUS               current
   DESCRIPTION
           "The object indicates which versions of Secure Shell protocol
           are supported by the device.

           If the bit 'v1' is set to 1, it indicates that the device 
           supports SSH protocol version 1. 

           If the bit 'v2' is set to 1, it indicates that the device 
           supports SSH protocol version 2." 
   ::= { cssConfiguration 3 }
 
cssServiceMode OBJECT-TYPE
   SYNTAX        CssVersions
   MAX-ACCESS    read-write
   STATUS        current
   DESCRIPTION
           "This object specifies which versions of Secure Shell 
           protocol connections that device will accept from 
           Secure Shell clients.

           If the bit 'v1' is set to 1, the device will accept 
           SSH version 1 connections. 
 
           If the bit 'v2' is set to 1, the device will accept 
           SSH version 2 connections. 
 
           At least one of the version bits must be set to 1." 
   ::= { cssConfiguration 4 }

cssSessionTable  OBJECT-TYPE
   SYNTAX         SEQUENCE OF CssSessionEntry
   MAX-ACCESS     not-accessible
   STATUS      current
   DESCRIPTION
           "Table to list detailed information about existing  
           Secure Shell sessions on the device."
   ::= { cssSessionInfo 1 }

cssSessionEntry OBJECT-TYPE
    SYNTAX        CssSessionEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
            "An entry in the cssSessionTable, that provides
            detailed information about all the existing SSH sessions on
            the device. 
 
            An entry will be created for every SSH session established
            on the device. The entry will be removed upon termination
            of the SSH session."
    INDEX    { cssSessionID }
    ::= { cssSessionTable 1 }

CssSessionEntry ::=
    SEQUENCE {
        cssSessionID             Unsigned32,
        cssSessionVersion        INTEGER,
        cssSessionState          INTEGER,
        cssSessionPID            Unsigned32,
        cssSessionUserID         SnmpAdminString,
        cssSessionHostAddrType   InetAddressType,
        cssSessionHostAddr       InetAddress
    }

cssSessionID  OBJECT-TYPE
   SYNTAX     Unsigned32
   MAX-ACCESS not-accessible
   STATUS     current
   DESCRIPTION
           "An arbitrary index that uniquely identifies a Secure Shell
           Session"
    ::= { cssSessionEntry 1 }

cssSessionVersion OBJECT-TYPE
   SYNTAX     INTEGER { one(1),
                        two(2)
                      }
   MAX-ACCESS read-only
   STATUS     current
   DESCRIPTION
           "The object indicates the version of Secure Shell used by
           this session."
    ::= { cssSessionEntry 2 }

cssSessionState OBJECT-TYPE
   SYNTAX       INTEGER {  sshSessionVersionOk(1),  
                           sshSessionKeysExchanged(2),
                           sshSessionAuthenticated(3),
                           sshSessionOpen(4),
                           sshSessionDisconnecting(5),
                           sshSessionDisconnected(6),
                           sshSessionClosed(7)
                        }
   MAX-ACCESS   read-only
   STATUS       current
   DESCRIPTION
           "The object indicates the current state of Secure Shell 
           Session.

           The state sshSessionVersionOk(1) indicates that server and 
           client versions of SSH are exchanged and are compatible.

           The state sshSessionKeysExchanged(2) indicates that key 
           exchange has been completed.

           The state sshSessionAuthenticated(3) indicates that the 
           client has been successfully authenticated.

           The state sshSessionOpen(4) indicates that the session has  
           been successfully opened.

           The state sshSessionDisconnecting(5) indicates that the
           session disconnection has begun.

           The state sshSessionDisconnected(6) indicates that the
           session has been disconnected.

           The state sshSessionClosed(7) indicates that the session 
           has closed."
    ::= { cssSessionEntry 3 }

cssSessionPID OBJECT-TYPE
   SYNTAX        Unsigned32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
           "The object indicates the process ID of the process
           serving this SSH session on the device."
    ::= { cssSessionEntry 4 }

cssSessionUserID OBJECT-TYPE
   SYNTAX        SnmpAdminString
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
           "The object indicates user name associated with this 
           SSH session."
    ::= { cssSessionEntry 5 }

cssSessionHostAddrType OBJECT-TYPE
   SYNTAX        InetAddressType
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
           "This object describes the type of Internet address used
           by host associated with this SSH session." 
    ::= { cssSessionEntry 6 }

cssSessionHostAddr OBJECT-TYPE
   SYNTAX        InetAddress
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
           "The object indicates the Internet address of the host
           associated with this SSH session."
    ::= { cssSessionEntry 7 }



-- Conformance

ciscoSecureShellMIBConformance
       OBJECT IDENTIFIER ::= { ciscoSecureShellMIB 2 }

ciscoSecureShellMIBCompliances
       OBJECT IDENTIFIER ::= { ciscoSecureShellMIBConformance 1 }

ciscoSecureShellMIBGroups
       OBJECT IDENTIFIER ::= { ciscoSecureShellMIBConformance 2 }


ciscoSecureShellMIBCompliance MODULE-COMPLIANCE
        STATUS   deprecated
        DESCRIPTION
                "The compliance statement for entities which
                 implement the CISCO-SECURE-SHELL-MIB."
        MODULE MANDATORY-GROUPS { 
                 cssConfigurationGroup
        }

        OBJECT     cssKeyRowStatus
        SYNTAX     INTEGER {             
                     active(1),
                     createAndGo(4),
                     destroy(6)}
        DESCRIPTION 
                "Only 'createAndGo', 'destroy' and 'active' need to
                 be supported. notInService, notReady and createAndWait
                 will not be supported."
        ::= { ciscoSecureShellMIBCompliances 1 }

ciscoSecureShellMIBComplianceRv1 MODULE-COMPLIANCE
        STATUS   deprecated
        DESCRIPTION
                "The compliance statement for entities which
                 implement the CISCO-SECURITY-MIB."
        MODULE MANDATORY-GROUPS {
                 cssConfigurationGroupRev1
        }

        OBJECT     cssKeyRowStatus
        SYNTAX     INTEGER {
                     active(1),
                     createAndGo(4),
                     destroy(6)}
        DESCRIPTION
                "Only 'createAndGo', 'destroy' and 'active' need to
                 be supported. notInService, notReady and createAndWait
                 will not be supported."
        ::= { ciscoSecureShellMIBCompliances 2 }

ciscoSecureShellMIBComplianceRv2 MODULE-COMPLIANCE
        STATUS   current
        DESCRIPTION
                "The compliance statement for entities which
                 implement the CISCO-SECURE-SHELL-MIB."
        MODULE MANDATORY-GROUPS {
                 cssConfigurationGroupRev1
        }

        OBJECT     cssKeyRowStatus
        SYNTAX     INTEGER {
                     active(1),
                     createAndGo(4),
                     destroy(6)}
        DESCRIPTION
                "Only 'createAndGo', 'destroy' and 'active' need to
                 be supported. notInService, notReady and createAndWait
                 will not be supported."

        GROUP      cssServiceModeCfgGroup
        DESCRIPTION
                "Implementation of this group is optional."

        GROUP      cssSessionInfoGroup
        DESCRIPTION
                "Implementation of this group is optional."
        ::= { ciscoSecureShellMIBCompliances 3 }


-- Units of Conformance

cssConfigurationGroup  OBJECT-GROUP
        OBJECTS  { 
                   cssServiceActivation,
                   cssKeyNBits,
                   cssKeyOverWrite,
                   cssKeyLastCreationTime,
                   cssKeyRowStatus
                 }                  
        STATUS   deprecated
        DESCRIPTION
                "A collection of objects for SSH configuration."
        ::= { ciscoSecureShellMIBGroups 1 }

cssConfigurationGroupRev1  OBJECT-GROUP
        OBJECTS  {
                   cssServiceActivation,
                   cssKeyNBits,
                   cssKeyOverWrite,
                   cssKeyLastCreationTime,
                   cssKeyString,
                   cssKeyRowStatus
                 }
        STATUS   current
        DESCRIPTION
                "A collection of objects for SSH configuration."
        ::= { ciscoSecureShellMIBGroups 2 }

cssServiceModeCfgGroup  OBJECT-GROUP
        OBJECTS  {
                   cssServiceCapability,
                   cssServiceMode
                 }
        STATUS   current
        DESCRIPTION
                "A collection of objects for SSH mode configuration."
        ::= { ciscoSecureShellMIBGroups 3 }

cssSessionInfoGroup  OBJECT-GROUP
        OBJECTS  {
                   cssSessionVersion,
                   cssSessionState,
                   cssSessionPID,
                   cssSessionUserID,
                   cssSessionHostAddrType,
                   cssSessionHostAddr
                 }
        STATUS   current
        DESCRIPTION
                "A collection of objects to display SSH 
                session related information."
        ::= { ciscoSecureShellMIBGroups 4 } 
END