Skip to main content

SSH Software Commands

The commands described in this section are used for managing SSH software on the hosts in the managed environment.

count-ssh-versions

Syntax:

ssh-mgr-client count-ssh-versions [options] [-F <filter>] [-vvv] [-U <url>]

Returns the number of SSH software in the Key Manager system.

When filters are specified, this command returns the number of SSH software that match the filter criteria. For filtering, you can use the same attributes that are available for the list-ssh-versions command (see list-ssh-versions).

Example for returning the number of all the SSH software found in the managed environment:

$ ssh-mgr-client count-ssh-versions
724

Example for displaying the number of OpenSSH servers:

$ ssh-mgr-client count-hosts -F "ssh_sw_type=openssh-server"
97

list-ssh-versions

Syntax:

ssh-mgr-client list-ssh-versions [options] \
[-F <filter>] [-vvv] [-U <url>] [-o <format>] [-C <columns>] [-H] [-B]

The default command lists the detected SSH software and their version information:

$ ssh-mgr-client list-ssh-versions

The following columns can be used for filtering (-F) and output formatting (-C):

assigned_conf_id

Internal PrivX Key Manager id for assigned configuration

attributes

List of configuration attributes set in this product's configuration

binary_path

Path to the binary file

binary_version_info

Version information retrieved from SSH binary

conf_status

Configuration status

deployed_conf_id

Internal PrivX Key Manager id for deployed configuration

host_id

Id of the host where the SSH software is located

hostgroup

Name of host group that the SSH SW host is a member of. Only usable for filtering (-F).

hostgroupid

Id of host group that the SSH SW host is a member of. Only usable for filtering (-F).

hostname

Host where the SSH software is located

id

Internal PrivX Key Manager id for SSH software

package_version_info

Version information retrieved from package manager

policy_violation_score

Combined numeric severities of the policies this product is currently violating

policy_violations

List of policy rules this product is currently violating

ssh_sw_type

Type of the SSH software

state

State of the SSH software

version

Version of the SSH software

For example, to find all the OpenSSH software:

$ ssh-mgr-client list-ssh-versions -F "ssh_sw_type=openssh*"

To find all the Tectia SSH software:

$ ssh-mgr-client list-ssh-versions -F "ssh_sw_type=ssh*"

As a more advanced example, finding all the OpenSSH software on the host example.server.com, and displaying its state and version:

$ ssh-mgr-client -C "state,version" list-ssh-versions -F \
"ssh_sw_type=openssh*&&hostname=example.server.com"

manage-configurations

Syntax:

ssh-mgr-client manage-configurations [options] \
(-F <filter> | -i <id>) [ -vvv] [-U <url>]

Switches the management state of the selected configurations to managed. Select a target configuration using its host ID. Alternatively, you can use filters to select all matching configurations.

The following columns can be used for filtering (-F):

id

Internal PrivX Key Manager id for configuration

name

Configuration name

description

Description for configuration

state

State of the configuration

conf_tag

Product type

date_created

Date when the configuration was created

deployed_to

Number of products on hosts that have this configuration deployed

assigned_to

Number of products on hosts that have this configuration assigned

hostname_deployed_to

The name of the host the configuration has been deployed to

hostname_assigned_to

The name of the host the configuration has been assigned to

hostgroup_deployed_to

The name of the host group the configuration has been deployed to

hostgroup_assigned_to

The name of the host group the configuration has been assigned to

host_id_deployed_to

The ID of the host the configuration has been deployed to

host_id_assigned_to

The ID of the host the configuration has been assigned to

revision

Revision of the SSH software

attributes

List of configuration attributes set in this configuration

For example, to manage a configuration with a certain ID:

$ ssh-mgr-client manage-configurations -i 8

As another example, to manage all configurations that are in the monitored state:

$ ssh-mgr-client manage-configurations -F "state=monitored"
note

Similarly to managing configurations via the Key Manager GUI, using the command-line client to manage a configuration actually creates a managed copy of the target configuration, assigns the hosts of the monitored configuration to this new configuration, then deletes the old monitored configuration. Therefore, the managed configuration has a new configuration ID.

show-ssh-version

Syntax:

ssh-mgr-client [-v] [-U <url>] [-o <format>] [-C <columns>] show-ssh-version -i <id>

Displays the SSH software with the given ID. For output formatting, you can use similar attributes as the list-ssh-versions command (see list-ssh-versions).

Example:

$ ssh-mgr-client show-ssh-version -i 3