Configuring the SSH adapter

For the SSH adapter, in addition to target computers defined in the adapter configuration, you can define dynamic target computers in each adapter request. If a dynamic target is defined in the SSH adapter request, use a configuration node, <config/>, in the adapter configuration. The SSH adapter can establish an SSH connection to execute commands on a remote target via an HTTP proxy server. Remote target can be a target defined in the adapter configuration or a dynamic target. For both the target types, HTTP proxy is static.

BMC recommends that you do not include unused elements in the adapter configuration because they might cause errors.

Adapter type: ro-adapter-ssh_vv.rr.nn

Default adapter name: SSHAdapter

To configure the SSH adapter, see Configuring-base-adapters.

The following table describes the adapter configuration elements for the SSH adapter that you can specify by using the form view, XML view, or both. You cannot use the form view to configure elements and attributes that do not have an entry in the "UI label" column.

Configuration node elements of the SSH adapter

The following figure shows the XML template for SSH adapter configuration with password approach.

XML template of the SSH adapter configuration with password approach

The following figure shows the XML template for SSH adapter configuration with private-key-file approach.

XML template of the SSH adapter configuration with private-key-file approach

Recommendation

BMC recommends that you use the password or the private-key-file approach; not both the approaches together.

The following figure shows the XML template for SSH adapter configuration with private-key-data approach.

XML template of the SSH adapter configuration with private-key-data approach

<config name="testPKA">
  <target>10.128.248.118</target>
  <user-name>name</user-name>
  <private-key-data>--BEGIN RSA PRIVATE KEY----
      Proc-Type: 4,ENCRYPTED
      DEK-Info: DES-EDE3-CBC,0FFD900EA089BBDD
      S5lpB02OesPZ9bEXJfYaziok9kSs46VfgHRF1WPgRQGFOnVvs0m+KU1iL5EiFzRC
      m3q9h2Dat+uLzdrnGWyAjaiTqAnlMcBtlgdu6UQfwPipXMMnOJpU2M0+8NqtZGiL
      3yFK6Zoox9EQ+enU2KlV05UUpo6I0erHvHcigDDK6tI4x50H7dHVtNixOlH3a/q5
      3A0t6ccPaOcBui+dsTO65nK7AcywRzhdhSBrDaFBoJBuBqiZ5p3AAi2xre+QAIpx
      wCoDBp76FRFePv2NYl7KEH4ajU4kR6DQoJiwgoD9TE6S/OwY79gr1cAoYQt+ldDi
      xiMzm5gV4BooYQDX8j63Qt6qABhOAAzATbOBedHdtRsn01B6saRtjrdI2QrHzx0t
      Cw/d3RoUS16uoXi66eA9L6dnwa5dyfO1KhkA3NV5LkX7NXfu5wu8Oua3JOnbRCIH
      shTrprCuwRFfUEqKz+KytckMbuVFPmD79pw4vsIWemN2xAPMdQEUFzprxWaI+6SY
      H0GSfiekfPBlE+8/jR2+a3giTAuRnUlchcCG7G95T/rREYzlx4vLTjVA3gzw/CPE
      9fcEBvgJVTY7VkpKQspsV9WM5tDKUJbsLG1UIKTa+ZLyIC1Nd9QroDGWbT72QxnA
      jzNDLS/CB4i/DK71dri19AZLre5pXL4G1Jgw192l+xx2oXv0xdHPHArBSpdnKQdo
      81ytjZomCPH41Ez5HxIBRHYWJz/rKsFPcnfAHCgRAxDJU8WXEB6GhwAvFqc6VFdK
      7HkD1Ec3uVw5BDize8DWY/fLJQL4T4zwvirWAlMQrbrdRwRc+9WxikBy1oVvxN4U
      dSUSsePwQ9QQq0PhKx+a3A/Ue9y/H51SEXsA46Uhtk9QV39D5tWEs/DoGqn8glGE
      I77saju3aQCjlpXq9QQXVAhvScG4MMhlri87DiCKa4PJ7kvq5d4IizlxMq0wjflX
      nrTqZDvMUAudZgi86679Km2WG5ZwSgXNOjA+B/Jo5c/T4Z1gWlnvpW5R0PUnsrMx
      V7U3fWcq2R8XUQzOdc4dJx55e8kP3tilO3HbNmfDRAgPoBUE1nIfRpv738nYbbOl
      msSrcv2lULIsF1qvA69ZOM5ziKvu0ElpgHMhZTGB4mcO8bDuBIdVeYhmmBgNL5r1
      GPOjdA/rqchWovR2SdCPTN0QiAhdFSzOKXSCJnv29dXsWSEUiYiXnTkLuyNOIgTS
      5ypd6MzPDbY8gWL/OYrdC8H98jt9YiZVroU7ra9zFoRC8cXbKgZevqoNnUUBTcfa
      pj5VzhKsHOwcObdL/oGxum97CDpjNoUYjqEF2W8N6rnScaCqoInOjGkm0WLxreLD
      BwsOJ2J7c40sr0gWzDGBC70HmA2rQba9TWZDuoE98H8XAv8Pdnv9K8+u/Q6IoXpo
      LJJmvjvA4LiPGn688+nKrcvrx8D5iz64ynQ2TaQlwz538AKFsaIBrn2F1oSnZ09M
      m45n5Rgkih0pti9SiOHbm84X7696mQLdh2y07U1IXj+uQoC30gJHKQa37kEEKYeV
      +ERwLmMr+JH2DWADnBMqizd2+ROo0V2vL4Vj17B+9rGg0LmnyCkyQQ==
      --END RSA PRIVATE KEY----
  </private-key-data>
  <prompt>$</prompt>
  <pass-phrase encryption-type="plain">changeit</pass-phrase>
</config>

The following figure shows an XML sample for SSH adapter configuration with CharSet.

XML sample of the SSH adapter configuration with CharSet

<config name="KbiConfig">
<target>server1</target>
<user-name>testuser</user-name>
<port>22</port>
<password>abc</password>
<verify-os>true</verify-os>
<read-buffer-size>1024</read-buffer-size>
<timeout-secs></timeout-secs>}}
<allow-unknown-hosts>true</allow-unknown-hosts>
<character-set>Shift_JIS</character-set>
</config>

The following figure shows an XML sample for SSH adapter configuration by using the <use-shell-mode> element.

Sample XML for configuring the SSH adapter by using the <use-shell-mode> element

<config>
   <target>ABCXYZ</target>
   <user-name>root</user-name>
   <password>password</password>
   <allow-unknown-hosts>true</allow-unknown-hosts>
   <use-shell-mode>true</use-shell-mode>
   <establish-connection-timeout-secs>70</establish-connection-timeout-secs>
   <character-set>UTF-8</character-set>
</config>

The following figure shows an XML sample for SSH adapter configuration by using the HTTP Proxy elements.

Sample XML for configuring the SSH adapter by using the HTTP Proxy elements

<config>
   <target>bao-clm-pun</target>
   <user-name>root</user-name>
   <password>hostPassword</password>
   <allow-unknown-hosts>true</allow-unknown-hosts>
   <http-proxy-host>httpProxyHostName</http-proxy-host>
   <http-proxy-port>8080</http-proxy-port>
   <http-proxy-username>proxyUserA</http-proxy-username>
   <http-proxy-password>UserAPassword/http-proxy-password>
   <character-set>UTF-8</character-set>
</config>

Enabling custom logging

To enable custom logging for the adapter, you must specify a log file name. You can also provide additional parameters for logging.

Note

You must be using TrueSight Orchestration version 8.1 or later to use the custom logging feature. These parameters will be ignored in earlier versions of TrueSight Orchestration Platform.

These parameters are available with supported adapter versions. See TrueSight Orchestration Content documentation for details.

Log File Name: Provide a name for the log file.
This file will be stored in the AO_HOME/tomcat/logs directory. If Log File Max Backup Index value is greater than 0, the log file name is suffixed with the backup index. For example, if the parameter value is a.log, backup log files will have names, such as a.log.1, a.log.2.
Log File Size: Specify a size limit for the log file.
If the value specified for Log File Max Backup Index is greater than 0, when the specified size is reached, the current file is renamed with the suffix .1. Otherwise, the log file will be reset and over-written. The default value is 10MB. The available units are KiloBytes (KB), MegaBytes (MB) or GigaBytes (GB).
Log File Max Backup Index: Enter the maximum number of backup files allowed. The default value is 10.
Log File Append: Select this option to append new log information to the existing information in the file. If unselected, the file will be overwritten with new log information.

Log Level: Enter the logging level using one of the following choices:

Logging level	Description
DEBUG	The most detailed logging level; logs low-level messages, normal execution, recoverable erroneous conditions, and unrecoverable erroneous conditions
INFO (default)	Logs normal execution, recoverable erroneous conditions, and unrecoverable erroneous conditions
WARN	Logs recoverable erroneous conditions and unrecoverable erroneous conditions
ERROR	The least detailed logging level; logs only error conditions that are not usually recoverable

Encrypting an element's contents

You can add the attribute secure="true" to an XML adapter element XML view to ensure that the element's contents is encrypted when displayed.

Note

You must be using TrueSight Orchestration Platform version 8.1 or later to use this encryption attribute.

Configuring the SSH adapter

Enabling custom logging

Encrypting an element's contents

On this page