diff options
Diffstat (limited to 'vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yin')
-rw-r--r-- | vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yin | 186 |
1 files changed, 186 insertions, 0 deletions
diff --git a/vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yin b/vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yin new file mode 100644 index 00000000..e57fcd32 --- /dev/null +++ b/vnfs/TestVNF/netconftemplates/netconftemplates/ietf-ssh-server@2016-11-02.yin @@ -0,0 +1,186 @@ +<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="m-1"> + <data xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"><?xml version="1.0" encoding="UTF-8"?> +<module name="ietf-ssh-server" + xmlns="urn:ietf:params:xml:ns:yang:yin:1" + xmlns:sshs="urn:ietf:params:xml:ns:yang:ietf-ssh-server" + xmlns:inet="urn:ietf:params:xml:ns:yang:ietf-inet-types" + xmlns:ks="urn:ietf:params:xml:ns:yang:ietf-keystore"> + <yang-version value="1.1"/> + <namespace uri="urn:ietf:params:xml:ns:yang:ietf-ssh-server"/> + <prefix value="sshs"/> + <import module="ietf-inet-types"> + <prefix value="inet"/> + <reference> + <text>RFC 6991: Common YANG Data Types</text> + </reference> + </import> + <import module="ietf-keystore"> + <prefix value="ks"/> + <reference> + <text>RFC YYYY: Keystore Model</text> + </reference> + </import> + <organization> + <text>IETF NETCONF (Network Configuration) Working Group</text> + </organization> + <contact> + <text>WG Web: &lt;http://tools.ietf.org/wg/netconf/&gt; +WG List: &lt;mailto:netconf@ietf.org&gt; + +WG Chair: Mehmet Ersue + &lt;mailto:mehmet.ersue@nsn.com&gt; + +WG Chair: Mahesh Jethanandani + &lt;mailto:mjethanandani@gmail.com&gt; + +Editor: Kent Watsen + &lt;mailto:kwatsen@juniper.net&gt;</text> + </contact> + <description> + <text>This module defines a reusable grouping for a SSH server that +can be used as a basis for specific SSH server instances. + +Copyright (c) 2014 IETF Trust and the persons identified as +authors of the code. All rights reserved. + +Redistribution and use in source and binary forms, with or +without modification, is permitted pursuant to, and subject +to the license terms contained in, the Simplified BSD +License set forth in Section 4.c of the IETF Trust's +Legal Provisions Relating to IETF Documents +(http://trustee.ietf.org/license-info). + +This version of this YANG module is part of RFC XXXX; see +the RFC itself for full legal notices.</text> + </description> + <revision date="2016-11-02"> + <description> + <text>Initial version</text> + </description> + <reference> + <text>RFC XXXX: SSH Client and Server Models</text> + </reference> + </revision> + <feature name="ssh-x509-certs"> + <description> + <text>The ssh-x509-certs feature indicates that the NETCONF +server supports RFC 6187</text> + </description> + <reference> + <text>RFC 6187: X.509v3 Certificates for Secure Shell +Authentication</text> + </reference> + </feature> + <grouping name="non-listening-ssh-server-grouping"> + <description> + <text>A reusable grouping for a SSH server that can be used as a +basis for specific SSH server instances.</text> + </description> + <container name="host-keys"> + <description> + <text>The list of host-keys the SSH server will present when +establishing a SSH connection.</text> + </description> + <list name="host-key"> + <key value="name"/> + <min-elements value="1"/> + <ordered-by value="user"/> + <description> + <text>An ordered list of host keys the SSH server will use to +construct its ordered list of algorithms, when sending +its SSH_MSG_KEXINIT message, as defined in Section 7.1 +of RFC 4253.</text> + </description> + <reference> + <text>RFC 4253: The Secure Shell (SSH) Transport Layer Protocol</text> + </reference> + <leaf name="name"> + <type name="string"/> + <description> + <text>An arbitrary name for this host-key</text> + </description> + </leaf> + <choice name="host-key-type"> + <mandatory value="true"/> + <description> + <text>The type of host key being specified</text> + </description> + <leaf name="public-key"> + <type name="leafref"> + <path value="/ks:keystore/ks:private-keys/ks:private-key/ks:name"/> + </type> + <description> + <text>The public key is actually identified by the name of +its cooresponding private-key in the keystore.</text> + </description> + </leaf> + <leaf name="certificate"> + <if-feature name="ssh-x509-certs"/> + <type name="leafref"> + <path value="/ks:keystore/ks:private-keys/ks:private-key/ks:certificate-chains/ks:certificate-chain/ks:name"/> + </type> + <description> + <text>The name of a certificate in the keystore.</text> + </description> + </leaf> + </choice> + </list> + </container> + <container name="client-cert-auth"> + <if-feature name="ssh-x509-certs"/> + <description> + <text>A reference to a list of trusted certificate authority (CA) +certificates and a reference to a list of trusted client +certificates.</text> + </description> + <leaf name="trusted-ca-certs"> + <type name="leafref"> + <path value="/ks:keystore/ks:trusted-certificates/ks:name"/> + </type> + <description> + <text>A reference to a list of certificate authority (CA) +certificates used by the SSH server to authenticate +SSH client certificates.</text> + </description> + </leaf> + <leaf name="trusted-client-certs"> + <type name="leafref"> + <path value="/ks:keystore/ks:trusted-certificates/ks:name"/> + </type> + <description> + <text>A reference to a list of client certificates used by +the SSH server to authenticate SSH client certificates. +A clients certificate is authenticated if it is an +exact match to a configured trusted client certificate.</text> + </description> + </leaf> + </container> + </grouping> + <grouping name="listening-ssh-server-grouping"> + <description> + <text>A reusable grouping for a SSH server that can be used as a +basis for specific SSH server instances.</text> + </description> + <leaf name="address"> + <type name="inet:ip-address"/> + <description> + <text>The IP address of the interface to listen on. The SSH +server will listen on all interfaces if no value is +specified. Please note that some addresses have special +meanings (e.g., '0.0.0.0' and '::').</text> + </description> + </leaf> + <leaf name="port"> + <type name="inet:port-number"/> + <description> + <text>The local port number on this interface the SSH server +listens on. When this grouping is used, it is RECOMMENED +that refine statement is used to either set a default port +value or to set mandatory true.</text> + </description> + </leaf> + <uses name="non-listening-ssh-server-grouping"/> + </grouping> +</module> +</data> +</rpc-reply> |