Using an SSH terminal to start a session
An SSH proxy server is included as a built-in component of the BMC Network Automation application server. This enables the BMC Network Automation server to act as a proxy between familiar SSH clients such as Bitvise, OpenSSH, and SecureCRT and managed network devices.
When acting as a proxy server, BMC Network Automation creates a connection to the network devices using the appropriate access mode (for example, Telnet or SSH2).
When using the SSH proxy feature, clients (for example, Bitvise, OpenSSH) should use port 4000 to connect to the application server.
The latest FIPS-compliant cryptography libraries used in BMC Network Automation require the use of more secure algorithms for the generation of the public/private key pair used by the SSH proxy server. For more information about the algorithms used, see SSH proxy.
Refer to the global.properties file page to see the default settings of various properties related to the SSH proxy connection.
BMC Network Automation uses a few updated cryptographic libraries for enhanced security. As a result, BMC Network Automation cannot support the use of older versions of a few SSH clients, such as, Putty and OpenSSH. Instead, you can use the following SSH clients to connect to the BMC Network Automation SSH proxy server:
- (Windows) Bitvise SSH
- (Linux) OpenSSH_6.4p1, OpenSSL 1.0.1e-fips
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o
When using an SSH terminal the following functions are supported:
- The CLI login uses the same authentication mechanism that is used for logging into the browser interface.
- Users can manage devices without sitting in front a computer that supports a web browser.
- Working with a CLI terminal might provide a performance advantage over using the UI.
- CLI keyboard command shortcuts are supported.
Copy and paste is supported.
For some devices, the Backspace key might not work properly in SSH sessions when it is opened via BMC Network Automation. Using CTRL+H usually works as a substitute.
- Users can list all of the devices for which they have permission to view.
- Multiple CLI sessions can be opened to different network devices to enable efficient troubleshooting.
All interactions between the SSH client and the managed devices are recorded. Keystrokes entered during the session are captured and displayed in the job transcripts.
Auto-complete by using the Tab key is available for devices names.