--MibName=raisecomSsh
-- =======================================================================
-- SSH MIB 
--
-- Version 1.0 Created at Sep 10, 2007 by LIQIONG
-- 
-- 
--
-- Copyright(c) 2002-2005 by RAISECOM TECH, Ltd. 
-- =======================================================================


RAISECOM-SSH-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    NOTIFICATION-TYPE, OBJECT-IDENTITY,
    IpAddress
        FROM SNMPv2-SMI   
    TruthValue, RowStatus  
        FROM SNMPv2-TC                    
    EnableVar
        FROM SWITCH-TC
    raisecomAgent
    	FROM RAISECOM-BASE-MIB;            
        
 raisecomSsh MODULE-IDENTITY
    LAST-UPDATED "200009210000Z"         -- 21 September 2000
    ORGANIZATION "raisecom"
    CONTACT-INFO

        "raisecom"
    DESCRIPTION
        ""

    ::= { raisecomAgent 15 }

raisecomSshObjects             	OBJECT IDENTIFIER ::= { raisecomSsh 1 }
raisecomSshTraps         		OBJECT IDENTIFIER ::= { raisecomSsh 2 }
            
-- raisecomSshSvrConfiguration  group
raisecomSshSvrConfiguration    OBJECT IDENTIFIER ::= { raisecomSshObjects 1 }
            
 sshServerVersion OBJECT-TYPE     
 	SYNTAX      INTEGER {     
  				ssh-1(1),
  				ssh-2(2),
  				both(3)
            }        
    MAX-ACCESS  read-write
   	STATUS      current     
    DESCRIPTION 
        "This object specifies the Secure Shell server working version. 
        In another words, it specifies which versions of Secure Shell 
        protocol connections that device will accept from Secure Shell clients."
    DEFVAL { 3 }
    ::= { raisecomSshSvrConfiguration 1 }
           
 sshServerAuthenTimeout OBJECT-TYPE  
   	SYNTAX      INTEGER (100..65535)  
	MAX-ACCESS  read-write  
   	STATUS      current  
   	DESCRIPTION
        "This object specifies time limit client takes to pass server authentication. 
        The server will disconnect the client that can't pass authentication in the 
        time this object specifies since its first request."  
    DEFVAL { 600 }
    ::= { raisecomSshSvrConfiguration 2 }
             
 sshServerAuthenRetries OBJECT-TYPE  
   	SYNTAX      INTEGER (1..100)    
	MAX-ACCESS  read-write  
   	STATUS      current  
   	DESCRIPTION
        "This object specifies time limit client takes to pass server authentication. 
        The server will disconnect the client that can't pass authentication in the 
        time this object specifies since its first request."  
    DEFVAL { 20 }
    ::= { raisecomSshSvrConfiguration 3 }
                      
 sshServerHostKeyName OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(0..16))  
	MAX-ACCESS  read-write     
   	STATUS      current  
   	DESCRIPTION
        "This object specifies the name of host key server uses."  
   ::= { raisecomSshSvrConfiguration 4 }
                
 sshServerEnable OBJECT-TYPE  
   	SYNTAX      EnableVar       
	MAX-ACCESS  read-write     
   	STATUS      current  
   	DESCRIPTION
        "Enables or disables the Secure Shell (SSH) server on the device."  
   ::= { raisecomSshSvrConfiguration 5 }  
   
 sshServerAuthenType OBJECT-TYPE  
   	SYNTAX INTEGER{
	        	none(1),
	        	public_key(2),        	
	        	pass_word(3)
	        	}      
	MAX-ACCESS  read-write     
   	STATUS      current  
   	DESCRIPTION
        "This object specifies the way client takes to pass server authentication."  
   ::= { raisecomSshSvrConfiguration 6 } 
 
 sshServerPort OBJECT-TYPE  
   	SYNTAX      INTEGER (1..65535)      
	MAX-ACCESS  read-write     
   	STATUS      current  
   	DESCRIPTION
        "This object specifies the listen port of ssh server."  
    DEFVAL { 22 }
   ::= { raisecomSshSvrConfiguration 7 } 
   
--raisecomSshKeyPairMgnt   
 raisecomSshKeyPairMgnt             OBJECT IDENTIFIER ::= { raisecomSshObjects 2 }
             
 sshKeyPairGenerationStatus OBJECT-TYPE  
   	SYNTAX      INTEGER {
  			keyGenerationSuccess(1),
  			keyGenerationInProgress(2),
  			keyGenerationInvalidName(3),
  			keyGenerationInvalidModulus(4),
  			keyGenerationKeyExist(5),
  			keyGenerationNumLimit(6),
  			keyGenerationKeySavingError(7)
		}                 
	MAX-ACCESS  read-only   
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the status of key generation. 
        The keyGenerationSuccess indicates that key generation succeeded. 
        The keyGenerationInvalidName indicates that the sshKeyPairName is invalid. 
        The keyGenerationInvalidModulus indicates that the sshKeyPairModulusSz is invalid. 
        The keyGenerationKeyPairExist indicates that there's key with the same name. 
        The keyGenerationKeySavingError  indicates that saving key failed. 
        The keyGenerationNumLimit indicates that the number of keys reaches to limit. 
        The keyGenerationInProgress indicates that the key is being generated."  
   ::= { raisecomSshKeyPairMgnt 1 } 
                
 sshKeyPairTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF SshKeyPairEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION  ""
    ::= { raisecomSshKeyPairMgnt 2 }

 sshKeyPairEntry OBJECT-TYPE
    SYNTAX       SshKeyPairEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION  ""
    INDEX       { sshKeyPairName }
    ::= { sshKeyPairTable 1 }

 SshKeyPairEntry ::= SEQUENCE
    {
        sshKeyPairName     	OCTET STRING,
        sshKeyPairType      INTEGER,
        sshKeyPairModulusSz INTEGER,
        sshKeyPairComment         OCTET STRING,
        sshKeyPairTrapOnComplete  TruthValue,
        sshKeyPairPubData		  OCTET STRING,    
        sshKeyPairStatus       RowStatus
    }     
    
 sshKeyPairName OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(1..16))       
	MAX-ACCESS  not-accessible     
   	STATUS      current  
   	DESCRIPTION
        "This object specifies the key unique name 
        which used by server to determine host key."  
   ::= { sshKeyPairEntry 1 }                     
    
 sshKeyPairType OBJECT-TYPE  
   	SYNTAX      INTEGER	{
  					rsa(1),
  					dsa(2)
				}       
	MAX-ACCESS  read-create     
   	STATUS      current  
   	DESCRIPTION
        "Key type which specifies the generation algorithm."  
   ::= { sshKeyPairEntry 2 } 
              
 sshKeyPairModulusSz OBJECT-TYPE  
   	SYNTAX      INTEGER	(512..2048)
	MAX-ACCESS  read-create     
   	STATUS      current  
   	DESCRIPTION
        "This object specifies modulus size used to generate key. " 
    DEFVAL { 512 } 
   ::= { sshKeyPairEntry 3 } 
            
 sshKeyPairComment OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(0..255))       
	MAX-ACCESS  read-create     
   	STATUS      current  
   	DESCRIPTION
        "Comment for this key."  
   ::= { sshKeyPairEntry 4 } 
   
 sshKeyPairTrapOnComplete OBJECT-TYPE  
   	SYNTAX      TruthValue       
	MAX-ACCESS  read-create     
   	STATUS      current  
   	DESCRIPTION
        "This object specifies whether the device should send 
        a trap or not when finishing key generation."  
   ::= { sshKeyPairEntry 5 } 
             
 sshKeyPairPubData OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(0..255))       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "Public key data of the key in the file format defined in RFC 4716."  
   ::= { sshKeyPairEntry 6 } 
        
 sshKeyPairStatus OBJECT-TYPE  
   	SYNTAX      RowStatus       
	MAX-ACCESS  read-create     
   	STATUS      current  
   	DESCRIPTION
        "This object only includes three valid values: 
        createAndGo, notInService, active and destroy. 
        It will be set to notInService when generation is being process 
        and active when generation succeed, otherwise the associated row will be removed."  
   ::= { sshKeyPairEntry 7 }  
   
 -- raisecomSshSessionInfo group 
 raisecomSshSessionInfo             OBJECT IDENTIFIER ::= { raisecomSshObjects 3 }
            
 sshSessionTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF SshSessionEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION  ""
    ::= { raisecomSshSessionInfo 1 }

 sshSessionEntry OBJECT-TYPE
    SYNTAX       SshSessionEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION  ""
    INDEX       { sshSessionId }
    ::= { sshSessionTable 1 }

 SshSessionEntry ::= SEQUENCE
    {
        sshSessionId     		Gauge,
        sshSessionVersion		INTEGER,
        sshSessionState 		INTEGER,
        sshSessionUserId		OCTET STRING,
        sshSessionHostAddr  	IpAddress,
        sshSessionInEncrypt		OCTET STRING,    
        sshSessionOutEncrypt    OCTET STRING,      
        sshSessionInHmac        OCTET STRING,
        sshSessionOutHmac       OCTET STRING,
        sshSessionConnectTime   OCTET STRING,
        sshSessionEnable        EnableVar
    }     				
          
 sshSessionId OBJECT-TYPE  
   	SYNTAX      Gauge       
	MAX-ACCESS  not-accessible     
   	STATUS      current  
   	DESCRIPTION
        "An arbitrary index that uniquely identifies a Secure Shell
         Session, but not the session ID generated resulting from key exchange."  
   ::= { sshSessionEntry 1 } 
                
 sshSessionVersion OBJECT-TYPE  
   	SYNTAX      INTEGER{
   			ssh-1(1),
   			ssh-2(2)}       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the SSH version used by this session."  
   ::= { sshSessionEntry 2 } 
            
 sshSessionState OBJECT-TYPE  
   	SYNTAX      INTEGER{
  			sessionVersionOk(1),
  			sessionKeysExchanged(2),
  			sessionAuthenticated(3), 
  			sessionOpen(4),
  			sessionDisconnecting(5),
  			sessionDisconnected(6),
  			sessionClosed(7)
		}       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the current state of Secure Shell Session. 
          The state sessionVersionOk(1) indicates that server and client 
        versions of SSH are exchanged and are compatible. 
          The state sessionKeysExchanged(2) indicates that key exchange 
        has been completed. 
          The state sessionAuthenticated(3) indicates that the client has 
        been successfully authenticated. 
          The state sessionOpen(4) indicates that the session has been 
        successfully opened. 
          The state sessionDisconnecting(5) indicates that the session 
        disconnection has begun. 
          The state sessionDisconnected(6)indicates that the session has 
        been disconnected. 
          The state sessionClosed(7) indicates that the session has closed."  
   ::= { sshSessionEntry 3 }   
     
 sshSessionUserId OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(1..32))       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates user name associated with this session."  
   ::= { sshSessionEntry 4 } 
          
 sshSessionHostAddr OBJECT-TYPE  
   	SYNTAX      IpAddress       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates IP address of host associated with this session."  
   ::= { sshSessionEntry 5 }     
   
 sshSessionInEncrypt OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(1..128))       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the ingress encryption algorithm of this session."  
   ::= { sshSessionEntry 6 } 
           
 sshSessionOutEncrypt OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(1..128))       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the egress encryption algorithm of this session. 
        If the session version is SSH-1, it is always the same as sshSessionInEncrypt."  
   ::= { sshSessionEntry 7 } 
          
 sshSessionInHmac OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(1..128))       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the ingress HMAC algorithm used in this session."  
   ::= { sshSessionEntry 8 } 
      
 sshSessionOutHmac OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(1..128))       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the egress HMAC algorithm used in this session."  
   ::= { sshSessionEntry 9 }   
   
 sshSessionConnectTime OBJECT-TYPE  
   	SYNTAX      OCTET STRING (SIZE(1..65535))       
	MAX-ACCESS  read-only     
   	STATUS      current  
   	DESCRIPTION
        "The object indicates the time of this session has been connected."  
   ::= { sshSessionEntry 10 }
   
 sshSessionEnable OBJECT-TYPE  
   	SYNTAX      EnableVar       
	MAX-ACCESS  read-write     
   	STATUS      current  
   	DESCRIPTION
        "Enables or disables this session."  
   ::= { sshSessionEntry 11 }   
   
--traps   
 sshKeyPairGenerationCompletion NOTIFICATION-GROUP
       NOTIFICATIONS {   
                   sshKeyPairGenerationStatus,
                   sshKeyPairName
                     }
       STATUS      current
       DESCRIPTION 
         "Key pair generation is completed. "
       ::= { raisecomSshTraps 1 }

END