system-openssh

Read and write configuration for nethserver-openssh package.

read

Output

A JSON object containing configuration and status fields:

{
    "configuration" : { <sshd prop> },
    "status" : { "connections": <list of active connections> }
}

Output example:

{
    "configuration": {
        "name": "sshd",
        "props": {
            "LoginGraceTime": "2m",
            "MaxAuthTries": "6",
            "PasswordAuthentication": "yes",
            "PermitRootLogin": "yes",
            "Protocol": "2",
            "TCPPort": "22",
            "UsePAM": "yes",
            "access": "green,red",
            "status": "enabled",
            "AllowGroups":"group1,group2:sftp"
        },
        "type": "service"
    },
    "status": {
        "connections": [
            {
                "local": "192.168.1.1:22",
                "peer": "192.168.1.45:54478"
            }
        ]
    }
}

validate

Constraints

• PasswordAuthentication: boolean
• PermitRootLogin: boolean
• TCPPort: port number
• AllowGroups: a comma separated list to allow groups to the sshd service, an option to restrict the group to sftp can be added (group1,group2:sftp,group3).

Input

An Esmith db record in JSON format:

{
    "name": <key>,
    "props": {
        <prop>: <value>
        ...
        <prop>: <value>
    },
    "type": <record-type>
}

Input example from: config getjson sshd:

{
    "name": "sshd",
    "props": {
        "PasswordAuthentication": "yes",
        "PermitRootLogin": "yes",
        "TCPPort": "22"
    },
    "type": "service"
}

Invocation example:

echo '{"props":{"PasswordAuthentication":"yes","PermitRootLogin":"yes","TCPPort":"22"},"name":"sshd","type":"service"}' | ./validate

update

Same input from validate helper.