Skip to main content

Secure Shell (SSHD Host)

Connector name

agtssh

Connector type

Executable with script

Type (UI field value)

SSHD Host target system

Target system versions supported / tested

Systems that are accessed using SSH (Secure Shell). The SSH protocol is available on most Unix systems; however, the connector is not limited to Unix – any SSH-enabled system can be targeted as long as the passwords can be managed from the command line. Both SSH1 and SSH2 protocols are supported.

Connector status / support

Customer-Verified

Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system.

Installation / setup

For Bravura Security Fabric to be able to successfully execute a particular operation on a specific SSH-enabled system, the operation must be defined in a PSLang script that is used by agtssh when communicating with the SSH-enabled system.

Using the connector for Secure Shell (agtssh) is more secure than using Telnet; it connects to the sshd service (usually on port 22) and uses strong encryption as opposed to telnetd which uses none. And unlike the Unix Listener, agtssh does not require any Bravura Security software to be installed on the target system.

The following Bravura Security Fabric operations are supported by the connector for Secure Shell (agtssh):

  • user verify password

  • get server information

  • user change password

  • administrator reset password

  • administrator reset+expire password

  • expire password

  • unexpire password

  • administrator verify password

  • verify+reset password

  • enable account

  • disable account

  • check account enabled

  • lock account

  • unlock account

  • check account lock

  • expire account

  • check account expiry

  • unexpire account

  • create account

  • delete account

  • add user to group

  • delete user from group

  • add group to group

  • remove group from group

  • create group

  • delete group

  • move contexts

  • rename account

  • update attributes

  • run command

  • list account attributes

  • List:

    • accounts

    • attributes

    • groups

    • groups SID

    • members

    • computer objects

    • service accounts

    • members of built-in administrators group

    Note

    The SSH target script supports listing workstations, servers, and accounts (admin, IIS, DCOM, Com+, SCM, TASK). See the Win32 Console Script chapter, Listing computer objects and Listing iis, dcom, com+, scm, task, and custom accounts to learn how to write scripts for these operations.

For a full list and explanation of each connector operation, see Connector operations.

In this section: