1 files changed, 171 insertions, 0 deletions

diff --git a/vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yang b/vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yang
new file mode 100644
index 00000000..e7393114
--- /dev/null
+++ b/vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yang
@@ -0,0 +1,171 @@
+<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="m-1">
+  <data xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring">module ietf-ssh-server {
+  yang-version 1.1;
+  namespace "urn:ietf:params:xml:ns:yang:ietf-ssh-server";
+  prefix sshs;
+
+  import ietf-inet-types {
+    prefix inet;
+    reference
+      "RFC 6991: Common YANG Data Types";
+  }
+
+  import ietf-keystore {
+    prefix ks;
+    reference
+      "RFC YYYY: Keystore Model";
+  }
+
+  organization
+    "IETF NETCONF (Network Configuration) Working Group";
+  contact
+    "WG Web:   &lt;http://tools.ietf.org/wg/netconf/&gt;
+     WG List:  &lt;mailto:netconf@ietf.org&gt;
+
+     WG Chair: Mehmet Ersue
+               &lt;mailto:mehmet.ersue@nsn.com&gt;
+
+     WG Chair: Mahesh Jethanandani
+               &lt;mailto:mjethanandani@gmail.com&gt;
+
+     Editor:   Kent Watsen
+               &lt;mailto:kwatsen@juniper.net&gt;";
+  description
+    "This module defines a reusable grouping for a SSH server that
+     can be used as a basis for specific SSH server instances.
+
+     Copyright (c) 2014 IETF Trust and the persons identified as
+     authors of the code. All rights reserved.
+
+     Redistribution and use in source and binary forms, with or
+     without modification, is permitted pursuant to, and subject
+     to the license terms contained in, the Simplified BSD
+     License set forth in Section 4.c of the IETF Trust's
+     Legal Provisions Relating to IETF Documents
+     (http://trustee.ietf.org/license-info).
+
+     This version of this YANG module is part of RFC XXXX; see
+     the RFC itself for full legal notices.";
+
+  revision 2016-11-02 {
+    description
+      "Initial version";
+    reference
+      "RFC XXXX: SSH Client and Server Models";
+  }
+
+  feature ssh-x509-certs {
+    description
+      "The ssh-x509-certs feature indicates that the NETCONF
+       server supports RFC 6187";
+    reference
+      "RFC 6187: X.509v3 Certificates for Secure Shell
+       Authentication";
+  }
+
+  grouping non-listening-ssh-server-grouping {
+    description
+      "A reusable grouping for a SSH server that can be used as a
+       basis for specific SSH server instances.";
+    container host-keys {
+      description
+        "The list of host-keys the SSH server will present when
+         establishing a SSH connection.";
+      list host-key {
+        key "name";
+        min-elements 1;
+        ordered-by user;
+        description
+          "An ordered list of host keys the SSH server will use to
+           construct its ordered list of algorithms, when sending
+           its SSH_MSG_KEXINIT message, as defined in Section 7.1
+           of RFC 4253.";
+        reference
+          "RFC 4253: The Secure Shell (SSH) Transport Layer Protocol";
+        leaf name {
+          type string;
+          description
+            "An arbitrary name for this host-key";
+        }
+
+        choice host-key-type {
+          mandatory true;
+          description
+            "The type of host key being specified";
+          leaf public-key {
+            type leafref {
+              path "/ks:keystore/ks:private-keys/ks:private-key/ks:name";
+            }
+            description
+              "The public key is actually identified by the name of
+               its cooresponding private-key in the keystore.";
+          }
+
+          leaf certificate {
+            if-feature "ssh-x509-certs";
+            type leafref {
+              path "/ks:keystore/ks:private-keys/ks:private-key/ks:certificate-chains/ks:certificate-chain/ks:name";
+            }
+            description
+              "The name of a certificate in the keystore.";
+          }
+        }
+      }
+    }
+
+    container client-cert-auth {
+      if-feature "ssh-x509-certs";
+      description
+        "A reference to a list of trusted certificate authority (CA)
+         certificates and a reference to a list of trusted client
+         certificates.";
+      leaf trusted-ca-certs {
+        type leafref {
+          path "/ks:keystore/ks:trusted-certificates/ks:name";
+        }
+        description
+          "A reference to a list of certificate authority (CA)
+           certificates used by the SSH server to authenticate
+           SSH client certificates.";
+      }
+
+      leaf trusted-client-certs {
+        type leafref {
+          path "/ks:keystore/ks:trusted-certificates/ks:name";
+        }
+        description
+          "A reference to a list of client certificates used by
+           the SSH server to authenticate SSH client certificates.
+           A clients certificate is authenticated if it is an
+           exact match to a configured trusted client certificate.";
+      }
+    }
+  }
+
+  grouping listening-ssh-server-grouping {
+    description
+      "A reusable grouping for a SSH server that can be used as a
+       basis for specific SSH server instances.";
+    leaf address {
+      type inet:ip-address;
+      description
+        "The IP address of the interface to listen on.  The SSH
+         server will listen on all interfaces if no value is
+         specified.  Please note that some addresses have special
+         meanings (e.g., '0.0.0.0' and '::').";
+    }
+
+    leaf port {
+      type inet:port-number;
+      description
+        "The local port number on this interface the SSH server
+         listens on.  When this grouping is used, it is RECOMMENED
+         that refine statement is used to either set a default port
+         value or to set mandatory true.";
+    }
+
+    uses non-listening-ssh-server-grouping;
+  }
+}
+</data>
+</rpc-reply>