Creating And Accessing The Database; Exporting The Database - HP NonStop SSH 544701-014 Reference Manual

•
USERID@HOST: the user name sent to the remote system and the IP address and port of the remote system.
•
USER: the name of the Guardian user the public key was generated for
The PASSWORD entity has the following additional properties:
•
STATUS: whether the password is frozen or thawed.
The database also contains some additional information about each password record collected by SSH2:
•
LAST-USE: Record usage: Last time the record was used.
•
LAST-MODIFIED: Record maintenance: Last time the record was modified.
Client mode record type KNOWNHOST holds remote host key information for the Guardian user initiating a client
connection on NonStop. KNOWNHOST records are added when a user accepts a remote host key or via SSHCOM
command ADD KNOWNHOST. Database key to the KNOWNHOST entity consists of:
The KNOWNHOST entity has the following properties:
•
KEY: the name of the public key pair generated for the Guardian user
•
KNOWNBY: the name of the Guardian user who is allowed to connect to this host (or who accepted the remote
host key when SSH2 parameter STRICTHOSTKEYCHECKING is set to FALSE). The special name 'all' is
supported indicating that the remote host key is configured for all users.
The KNOWNHOST entity has the following additional properties:
•
COMMENT: a free text field allowing you to enter a descriptive comment.
•
ADDRESSES: the IP addresses or DNS names of the hosts using this public key.
•
PORT: the port number of the SSH daemons running on the remote host.
•
ALGORITHM: the algorithm used for host authentication. Valid algorithms are SSH-RSA and SSH-DSS.
•
PUBLICKEY-FINGERPRINT: The MD5 and bubble-babble fingerprints of the public key.
•
STATUS: whether the knownhost is frozen or thawed.
The database also contains some additional information collected by SSH2 about each knownhost:
•
LAST-USE: Record usage: Last time the record was used.
•
LAST-MODIFIED: Record maintenance: Last time the record was modified.

Creating and Accessing the Database

The database is contained in a single Enscribe file. To create a new database, SSH2 needs to be started with the SSHCTL
parameter pointing to a non-existing file. In that case, the SSHCTLAUDIT parameter will control whether the database
will be created as an audited file or not.
To reuse an existing database, SSH2 needs to be started with SSH2 parameter SSHCTL pointing to an existing file.
The content of the database is viewed and maintained with the SSHCOM utility, which is described in the next section.

Exporting the Database

The SSHCTL database can be exported into text files in order to allow further processing of the content. The text files
are written in standard comma-separated form, which allows importing of the text files into programs such as MS
Access, MS Excel, or any SQL database.
For a description how to export the database please refer to the section
chapter "SSHCOM Reference".
HP NonStop SSH Reference Manual
"Miscellaneous commands in
The SSH User Database • 131
SSHCOM" in