Net-SSH-Any
view release on metacpan or search on metacpan
docs/ssh-broker-config.txt view on Meta::CPAN
The protocol is a mandatory setting. It defines the used communications protocol. Currently the only allowed value is secsh2.
If you want to make the connection specified by the profile automatically when the Connection Broker is started, set the value of the connect-on-startup attribute to yes. In this case, give also the user attribute (the user name the...
made with). You also need to set up some form of non-interactive authentication for the connection.
The host-type attribute sets the server type for ASCII file transfer. This specifies the newline convention that is used for ASCII (text) files. The default value is default. Other possible values are windows (for Windows server host) a...
Unix server host). Define the value if you are using any other server than Tectia Server.
For FTP-SFTP conversion, set the server type here according to your target FTP server to transfer ASCII text files with correct newline convention.
The user attribute specifies the user name for opening the connection. The value "%USERNAME%" can be used to apply the user name of the currently logged in user. The value user="*" can be used to prompt the user to enter the user nam...
in. When the user attribute is not defined, the user name defined in the default connection settings will be used.
An empty value user="" can be used when the profile is used with FTP-SFTP conversion and the user name is taken from the application (filter-engine/rule[@username-from-app="yes"]). See the rule element below for details.
hostkey
This element gives the path to the remote server host public key file as a value of the file attribute.
Alternatively, the public key can be included as a base64-encoded ASCII block.
ciphers
This element defines the ciphers used with this profile. See The default-settings Element above for details.
macs This element defines the MACs used with this profile. See The default-settings Element above for details.
kexs This element defines the KEXs used with this profile. See The default-settings Element above for details.
hostkey-algorithms
This element defines the hostkey signature algorithms used with this profile. See The default-settings Element above for details.
rekey This element defines the rekeying settings used with this profile. See The default-settings Element above for details.
authentication-methods
This element defines the authentication methods used with this profile. See The default-settings Element above for details.
user-identities
This element specifies the identities used in user public-key authentication. In contrast to the key-stores element that specifies all the keys that are available for the Connection Broker, this element can be used to control the...
attempted in authentication when this connection profile is used and to specify the order in which they are attempted.
The user-identities element can contain multiple identity elements. When multiple identity elements are used, they are tried out in the order they are listed.
The identity element has the following attributes: identity-file, file, hash, id, and data.
The identity-file attribute specifies that the user identity is read in the identification file used with public-key authentication. Enter the full path to the file if it is located somewhere else than the default identification ...
which is $HOME/.ssh2. See also ssh-broker-g3(1).
The file attribute specifies the path to the public-key file (primarily) or to a certificate. Enter the full path and file name as the value.
The hash attribute is used to enter the hash of the public key that will be used to identify the related private key. The key must be available for the Connection Broker The public key hashes of the available keys can be listed w...
broker-ctl tool. See also ssh-broker-ctl(1).
The id attribute is reserved for future use.
The data attribute is reserved for future use.
An example user-identities element is shown below:
<user-identities>
<identity identity-file="C:\\ mykey" />
<identity file="$HOME/user/.ssh2/id_dsa_2048_a" />
<identity file="C:\\private_keys\id_dsa_2048_a" />
<identity hash="#a8edd3845005931aaa658b5573609e7d31e23afd" />
</user-identities>
compression
This element defines the compression settings used with this profile. See The default-settings Element above for details.
proxy This element defines the HTTP proxy and SOCKS server settings used with this profile. See The default-settings Element above for details.
If gateway-profile has been defined for this profile, the proxy setting is ignored and the default proxy setting or the proxy setting of the gateway profile is used instead.
idle-timeout
This element defines the idle timeout settings used with this profile. See The default-settings Element above for details.
tcp-connect-timeout
This element defines the TCP connection timeout for this profile. The timeout is used to terminate connection attempts to Secure Shell servers that are down or unreachable. The default value is 5 seconds. See The default-se...
above for details.
keepalive-interval
This element defines an interval for sending keepalive messages to the Secure Shell server. The setting applies to this profile. The default value is 0, meaning that no keepalive messages are sent. See The default-settings Eleme...
details.
exclusive-connection
This element defines whether a new connection is opened for each new channel when a connection is made with this profile. This setting takes one attribute enable, with value yes or no. The default is no, meaning that open c...
reused for new channels requested by a client. See also The default-settings Element above.
server-banners
This element defines the server banner setting used with this profile. See The default-settings Element above for details.
forwards
This element defines the forwards allowed with this profile. See The default-settings Element above for details.
extended
This element is reserved for future use.
remote-environment
This element defines the remote environment settings used with this profile. Within the remote-environment element, define an environment element for each environment variable to be passed to the server. See The default-settings...
for details.
server-authentication-methods
This element defines the server authentication methods allowed with this profile. See The default-settings Element above for details.
password
This element can be used to specify a user password that the client will send as a response to password authentication.
The password can be given directly in the string attribute, or a path to a file containing the password can be given in the file attribute, or a path to a program or a script that outputs the password can be given in the command ...
When using the command option to refer to a shell script, make sure the script also defines the user's shell, and outputs the actual password. Otherwise the executed program fails, because it does not know what shell to use...
script. For example, if the password string is defined in a file named my_password.txt, and you want to use the bash shell, include these lines in the script:
#!/usr/bash
cat /full/pathname/to/my_password.txt
Caution
If the password is given using this option, it is extremely important that the ssh-broker-config.xml file, the password file, or the program are not accessible by anyone else than the intended user.
Note
Any password given with the command-line options will override this setting.
An example connection profile is shown below:
( run in 1.731 second using v1.01-cache-2.11-cpan-39bf76dae61 )