PSM for SSH Connection Component Parameters
This topic describes connection components specific to PSM for SSH.
SSH Sessions (PSMP-SSH)
The following parameters are specific to the PSMP-SSH connection component. These are in addition to the general parameters that are common to all connection components:
| Parameter | Description | Override at platform level | Override at account level | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Target Settings | ||||||||||||
| Client Specific | Defines a dynamic list of parameters for a specific client. | |||||||||||
|
Port |
The port is used to connect to the remote device. Default port for SSH connections is 22. |
ü |
ü |
|||||||||
|
AutoLogonSequenceWithLogonAccount |
A multi-line sequence that defines an automatic sign-on process, which uses a logon account to log onto a remote machine, and then into another account to elevate the user so that they can run sessions.
The sequence uses regular expression prompts and responses, with dynamic values, which are based on the relevant account and can include one or more dynamic references. The PSM reads these references in the following order:
|
ü |
- | |||||||||
|
SendRateValue
|
A send rate value in milliseconds that overrides the default send rate delay value. The value you enter determines the speed at which the client will send the login sequence keystrokes. |
ü |
ü |
|||||||||
|
PromptTimeout |
A timeout value in milliseconds that overrides the default prompt timeout value, which determines how long the client will wait for the next prompt to be received before displaying an error message and closing the session. Default value: 30000 milliseconds |
ü |
ü |
|||||||||
|
ShellPromptForAudit |
Defines a regular expression that represents the shell prompt on the target systems. If the prompt is not recognized based on this expression, the SSH keystrokes audit will fail. Use the TerminateOnShellPromptFailure parameter to determine the PSM behavior in such scenario. Type: string.
If no value is set, the default value is used.
Default value: (.*)[>#\\$]$ |
ü |
- | |||||||||
|
TerminateOnShellPromptFailure |
Whether or not the session will stop if the shell prompt was not recognized after the amount of time defined in the parameter PromptTimeout.
Available values: Yes/No Default value: No |
ü |
- | |||||||||
|
ExecuteCommandsOverSSH |
Whether or not users will be able to forward SSH commands through the PSM for SSH syntax. Available values: Yes/No Default value: Yes |
ü |
- |
|||||||||
|
BackgroundColor |
Configure the background color of an SSH session. Session coloring requires the support of ANSI colors on the end-user's SSH Client. Available values: black, red, green, yellow, blue, magenta, cyan, gray Default value: No color |
ü |
- | |||||||||
|
ForegroundColor |
Configure the foreground color of an SSH session. Session coloring requires the support of ANSI colors on the end-user's SSH Client. Available values: black, red, green, yellow, blue, magenta , cyan , gray , dark_gray, bright_red, bright_green, bright_yellow, bright_blue, bright_magenta, bright_cyan, white Default value: No color |
ü |
- | |||||||||
|
SanitizeInput |
Client specific parameter to enable or disable input sanitization. Applies only when using OpenSSH client. Available values: Yes/No Default value: Yes |
|
|
|||||||||
|
SanitizeOutput |
Client specific parameter to enable or disable output sanitization. Applies only when using OpenSSH client. Available values: Yes/No Default value: Yes |
|
|
|||||||||
|
TerminalType |
Controls the value of the Linux environment parameter 'TERM' when connecting to the target. Acceptable values: String Default value: xterm |
ü |
ü |
|||||||||
|
EnableTERMParsingForAudit |
Determines if audit supports auto complete for a more interactive experience (value='Yes'), or supports copy & paste of multiple lines as a bulk of consecutive commands (value='No'). Available values: Yes/No Default value: Yes |
ü |
ü |
|||||||||
|
Component Parameters |
||||||||||||
|
TicketingRetriesNumber |
If the user enters an invalid control character, such as Backspace or Esc, or an invalid ticket ID, a retry mechanism enables the user to correctly re-enter the ticket ID. This parameter determines the number of retries. If the parameter is set to 0, no retries are allowed. Default value: 3 |
|
|
|||||||||
|
EnableTERMParsingForAudit |
Defines whether the audit supports auto complete for a more interactive experience (Yes) or supports copy/paste of multiple lines for running bulk commands (No). Available values: Yes/No Default value: Yes |
ü |
|
|||||||||
|
SSH SFTP Sessions |
||||||||||||
|
EnableSftpAudit |
Defines whether SFTP audits are supported. Available values: Yes/No Default value: Yes |
ü |
|
|||||||||
|
CASignatureAlgorithm |
Contains the algorithm used for signing the SSH key certificate for Just in Time access with short-lived SSH certificates. Available values: rsa-sha2-256, rsa-sha2-512 Default value: rsa-sha2-256 |
ü |
|
|||||||||
