SSH CLI API - Details

NAME

PMP maverick ssh - OpenSSH SSH client API

SYNOPSIS

ssh -q [-p port] [-l login_name] user@hostname [-i private_key] [PMP specific command]

For Example:  ssh -q -p 5522 test@test-server -i /home/guest/id_rsa [PMP specific command] 

 

COMMANDS

For Password Retrieval

ssh -q [-p port] user@hostname [-i private_key] RETRIEVE --resource=<RESOURCE NAME As present in PMP> --account=<ACCOUNT NAME As Present in PMP> --reason=<REASON For Password Access>

 

Example:

ssh -q -p 5522 test@test-server  -i /home/guest/id_rsa  RETRIEVE --resource=test-server --account=root --reason=Testing password
retrieval using ssh client API

For Password Reset

For Local Password Reset

ssh -q [-p port] user@hostname [-i private_key] RESET_LOCAL --resource=<RESOURCE NAME AS PRESENT IN PMP> --account=<ACCOUNT_NAME As Present in PMP> --newpassword=<NEW PASSWORD> --reason=<Reason for Password Reset>

 

Example:

 

ssh -q -p 5522 test@test-server  -i /home/guest/id_rsa RESET_LOCAL --resource=test-server --account=root --newpassword=rootnew --reason=Rotating Password

 

For Remote Password Reset

ssh -q [-p port] user@hostname [-i private_key] RESET_REMOTE --resource=<RESOURCE NAME AS PRESENT IN PMP> --account=<ACCOUNT_NAME As Present in PMP> --newpassword=<NEW PASSWORD> --reason=<Reason for Password Reset>

 

Example:

 

ssh -q -p 5522 test@test-server -i /home/guest/id_rsa RESET_REMOTE --resource=test-server --account=root --newpassword=rootnew --reason=Rotating Password

 

For Creating a New Resource and a User Account

ssh -q [-p port] user@hostname [-i private_key] CREATE --resource=<RESOURCE NAME To Be Created> --account=<ACCOUNT NAME to be created>--newpassword=<PASSWORD of the Account being added> --resourcetype=<Type of the Resource Being Added> --notes=<Reference Notes>

 

Example:

 

ssh -q -p 5522 test@test-server  -i /home/guest/id_rsa CREATE --resource=testresource --account=testaccount --newpassword=test password --resourcetype=Windows --notes=A New resource is added

DESCRIPTION

ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. ssh connects and logs into the specified hostname with user name. The user must prove his/her identity to the remote machine using the public key authentication.     

 

The command must be specified in the mentioned format which will be executed on the remote host and the required response returned.  

 

SSH Public Authentication Mechanism

 

The scheme is based on public-key cryptography: there are cryptosystems where encryption and decryption are done using separate keys, and it is not possible to derive the decryption key from the encryption key. RSA is one such system. The idea is that each user creates a public/private     key pair for authentication purposes. The server knows the public key, and only the user knows the private key.     

 

The file <PMP_HOME>/<user name>/.ssh/authorized_keys lists the public keys that are permitted for logging in. When the user logs in, the ssh program tells the server which key pair it would like to use for authentication. The server checks if this key is permitted, and if so, sends the user a challenge, a random number, encrypted by the user's public key. The challenge can only be decrypted using the proper private key. The user's client then decrypts the challenge using the private key, proving that he/she knows the private key but without disclosing it to the server.

 

ssh implements the RSA authentication protocol automatically. The user creates his/her RSA key pair by running ssh-keygen. This stores the     private key in id_rsa file and stores the public key in id_rsa.pub in the specified directory. The user should then add PMP API User and import the     id_rsa.pub.

 


© 2014, ZOHO Corp. All Rights Reserved.