SSH Server Configuration

SSH server configuration creation and deletion. More...

Collaboration diagram for SSH Server Configuration:

Functions
int	nc_server_config_add_ssh_endpoint_client_ref (const struct ly_ctx *ctx, const char *endpt_name, const char *referenced_endpt, struct lyd_node **config)
	Creates new YANG configuration data nodes, which will be a reference to another SSH endpoint's users. More...
int	nc_server_config_add_ssh_hostkey (const struct ly_ctx *ctx, const char *endpt_name, const char *hostkey_name, const char *privkey_path, const char *pubkey_path, struct lyd_node **config)
	Creates new YANG configuration data nodes for a hostkey. More...
int	nc_server_config_add_ssh_keystore_ref (const struct ly_ctx *ctx, const char *endpt_name, const char *hostkey_name, const char *keystore_reference, struct lyd_node **config)
	Creates new YANG data nodes for a reference to an asymmetric key located in the keystore. More...
int	nc_server_config_add_ssh_truststore_ref (const struct ly_ctx *ctx, const char *endpt_name, const char *user_name, const char *truststore_reference, struct lyd_node **config)
	Creates new YANG data nodes for a reference to a public key bag located in the truststore. More...
int	nc_server_config_add_ssh_user_authkey (const struct ly_ctx *ctx, const char *endpt_name, const char *user_name, struct lyd_node **config)
	Creates new YANG configuration data nodes for an SSH user that will use system's authorized_keys to authenticate. More...
int	nc_server_config_add_ssh_user_interactive (const struct ly_ctx *ctx, const char *endpt_name, const char *user_name, struct lyd_node **config)
	Creates new YANG configuration data nodes for an SSH user's keyboard interactive authentication method. More...
int	nc_server_config_add_ssh_user_password (const struct ly_ctx *ctx, const char *endpt_name, const char *user_name, const char *password, struct lyd_node **config)
	Creates new YANG configuration data nodes for an SSH user's password authentication method. More...
int	nc_server_config_add_ssh_user_pubkey (const struct ly_ctx *ctx, const char *endpt_name, const char *user_name, const char *pubkey_name, const char *pubkey_path, struct lyd_node **config)
	Creates new YANG configuration data nodes for an SSH user's public key authentication method. More...
int	nc_server_config_del_ssh_endpoint_client_ref (const char *endpt_name, struct lyd_node **config)
	Deletes reference to another SSH endpoint's users from the YANG data. More...
int	nc_server_config_del_ssh_hostkey (const struct ly_ctx *ctx, const char *endpt_name, const char *hostkey_name, struct lyd_node **config)
	Deletes a hostkey from the YANG data. More...
int	nc_server_config_del_ssh_keystore_ref (const char *endpt_name, const char *hostkey_name, struct lyd_node **config)
	Deletes a keystore reference from the YANG data. More...
int	nc_server_config_del_ssh_truststore_ref (const char *endpt_name, const char *user_name, struct lyd_node **config)
	Deletes a truststore reference from the YANG data. More...
int	nc_server_config_del_ssh_user (const char *endpt_name, const char *user_name, struct lyd_node **config)
	Deletes an SSH user from the YANG data. More...
int	nc_server_config_del_ssh_user_authkey (const char *endpt_name, const char *user_name, struct lyd_node **config)
	Deletes an SSH user's authorized_keys method from the YANG data. More...
int	nc_server_config_del_ssh_user_interactive (const char *endpt_name, const char *user_name, struct lyd_node **config)
	Deletes an SSH user's keyboard interactive authentication from the YANG data. More...
int	nc_server_config_del_ssh_user_password (const char *endpt_name, const char *user_name, struct lyd_node **config)
	Deletes an SSH user's password from the YANG data. More...
int	nc_server_config_del_ssh_user_pubkey (const char *endpt_name, const char *user_name, const char *pubkey_name, struct lyd_node **config)
	Deletes an SSH user's public key from the YANG data. More...

Detailed Description

SSH server configuration creation and deletion.

Server Configuration Functions

Function Documentation

int nc_server_config_add_ssh_hostkey	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	hostkey_name,
		const char *	privkey_path,
		const char *	pubkey_path,
		struct lyd_node **	config
	)

Creates new YANG configuration data nodes for a hostkey.

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its hostkey might be changed.
[in]	hostkey_name	Arbitrary identifier of the hostkey. If a hostkey with this identifier already exists, its contents will be changed.
[in]	privkey_path	Path to a file containing a private key. The private key has to be in a PEM format. Only RSA and ECDSA keys are supported.
[in]	pubkey_path	Optional path to a file containing a public key. If NULL, public key will be generated from the private key.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_hostkey	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	hostkey_name,
		struct lyd_node **	config
	)

Deletes a hostkey from the YANG data.

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Identifier of an existing endpoint.
[in]	hostkey_name	Optional identifier of the hostkey to be deleted. If NULL, all of the hostkeys on this endpoint will be deleted.
[in,out]	config	Configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_add_ssh_keystore_ref	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	hostkey_name,
		const char *	keystore_reference,
		struct lyd_node **	config
	)

Creates new YANG data nodes for a reference to an asymmetric key located in the keystore.

This asymmetric key pair will be used as the SSH hostkey.

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Arbitrary identifier of an endpoint. If an endpoint with this identifier already exists, its contents will be changed.
[in]	hostkey_name	Arbitrary identifier of the endpoint's hostkey. If an endpoint's hostkey with this identifier already exists, its contents will be changed.
[in]	keystore_reference	Name of the asymmetric key pair to be referenced and used as a hostkey.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_keystore_ref	(	const char *	endpt_name,
		const char *	hostkey_name,
		struct lyd_node **	config
	)

Deletes a keystore reference from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in]	hostkey_name	Identifier of an existing hostkey on the given endpoint.
[in,out]	config	Configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_add_ssh_user_pubkey	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	user_name,
		const char *	pubkey_name,
		const char *	pubkey_path,
		struct lyd_node **	config
	)

Creates new YANG configuration data nodes for an SSH user's public key authentication method.

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its user might be changed.
[in]	user_name	Arbitrary identifier of the user. If an user with this identifier already exists, its contents will be changed.
[in]	pubkey_name	Arbitrary identifier of the user's public key. If a public key with this identifier already exists for this user, its contents will be changed.
[in]	pubkey_path	Path to a file containing the user's public key.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_user_pubkey	(	const char *	endpt_name,
		const char *	user_name,
		const char *	pubkey_name,
		struct lyd_node **	config
	)

Deletes an SSH user's public key from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in]	user_name	Identifier of an existing user on the given endpoint.
[in]	pubkey_name	Optional identifier of a public key to be deleted. If NULL, all of the users public keys will be deleted.
[in,out]	config	Modified configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_add_ssh_user_authkey	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	user_name,
		struct lyd_node **	config
	)

Creates new YANG configuration data nodes for an SSH user that will use system's authorized_keys to authenticate.

The path to the authorized_keys file must be configured to successfully authenticate, see nc_server_ssh_set_authkey_path_format().

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its user might be changed.
[in]	user_name	Arbitrary identifier of the user. If an user with this identifier already exists, its contents will be changed.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_user_authkey	(	const char *	endpt_name,
		const char *	user_name,
		struct lyd_node **	config
	)

Deletes an SSH user's authorized_keys method from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in]	user_name	Identifier of an existing user on the given endpoint.
[in,out]	config	Modified configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_add_ssh_user_password	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	user_name,
		const char *	password,
		struct lyd_node **	config
	)

Creates new YANG configuration data nodes for an SSH user's password authentication method.

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its user might be changed.
[in]	user_name	Arbitrary identifier of the user. If an user with this identifier already exists, its contents will be changed.
[in]	password	Clear-text password to be set for the user. It will be hashed.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_user_password	(	const char *	endpt_name,
		const char *	user_name,
		struct lyd_node **	config
	)

Deletes an SSH user's password from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in]	user_name	Identifier of an existing user on the given endpoint.
[in,out]	config	Modified configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_add_ssh_user_interactive	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	user_name,
		struct lyd_node **	config
	)

Creates new YANG configuration data nodes for an SSH user's keyboard interactive authentication method.

One of Linux PAM, local users, or user callback is used to authenticate users with this SSH method (see the documentation).

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its user might be changed.
[in]	user_name	Arbitrary identifier of the user. If an user with this identifier already exists, its contents will be changed.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_user_interactive	(	const char *	endpt_name,
		const char *	user_name,
		struct lyd_node **	config
	)

Deletes an SSH user's keyboard interactive authentication from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in]	user_name	Identifier of an existing user on the given endpoint.
[in,out]	config	Modified configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_user	(	const char *	endpt_name,
		const char *	user_name,
		struct lyd_node **	config
	)

Deletes an SSH user from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in]	user_name	Optional identifier of an user to be deleted. If NULL, all of the users on this endpoint will be deleted.
[in,out]	config	Modified configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_add_ssh_truststore_ref	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	user_name,
		const char *	truststore_reference,
		struct lyd_node **	config
	)

Creates new YANG data nodes for a reference to a public key bag located in the truststore.

The public key's located in the bag will be used for client authentication.

Parameters

[in]	ctx	libyang context.
[in]	endpt_name	Arbitrary identifier of an endpoint. If an endpoint with this identifier already exists, its contents will be changed.
[in]	user_name	Arbitrary identifier of the endpoint's user. If an endpoint's user with this identifier already exists, its contents will be changed.
[in]	truststore_reference	Name of the public key bag to be referenced and used for authentication.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_truststore_ref	(	const char *	endpt_name,
		const char *	user_name,
		struct lyd_node **	config
	)

Deletes a truststore reference from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in]	user_name	Identifier of an user on the given endpoint whose truststore reference will be deleted.
[in,out]	config	Modified configuration YANG data tree.

Returns

0 on success, non-zero otherwise.

int nc_server_config_add_ssh_endpoint_client_ref	(	const struct ly_ctx *	ctx,
		const char *	endpt_name,
		const char *	referenced_endpt,
		struct lyd_node **	config
	)

Creates new YANG configuration data nodes, which will be a reference to another SSH endpoint's users.

Whenever a client tries to connect to the referencing endpoint, all of its users will be tried first. If no match is found, the referenced endpoint's configured users will be tried.

Parameters

[in]	ctx	libyang context
[in]	endpt_name	Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its contents will be changed.
[in]	referenced_endpt	Identifier of an endpoint, which has to exist whenever this data is applied. The referenced endpoint can reference another one and so on, but there mustn't be a cycle.
[in,out]	config	Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.

Returns

0 on success, non-zero otherwise.

int nc_server_config_del_ssh_endpoint_client_ref	(	const char *	endpt_name,
		struct lyd_node **	config
	)

Deletes reference to another SSH endpoint's users from the YANG data.

Parameters

[in]	endpt_name	Identifier of an existing endpoint.
[in,out]	config	Modified configuration YANG data tree.

Returns

0 on success, non-zero otherwise.