module ietf-ssh-client {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-ssh-client";
prefix sshc;
import ietf-ssh-common {
prefix sshcmn;
revision-date 2019-11-20; // stable grouping definitions
reference
"RFC XXXX: YANG Groupings for SSH Clients and SSH Servers";
}
import ietf-crypto-types {
prefix ct;
reference
"RFC AAAA: Common YANG Data Types for Cryptography";
}
import ietf-truststore {
prefix ts;
reference
"RFC BBBB: A YANG Data Model for a Truststore";
}
import ietf-keystore {
prefix ks;
reference
"RFC CCCC: A YANG Data Model for a Keystore";
}
import ietf-netconf-acm {
prefix nacm;
reference
"RFC 8341: Network Configuration Access Control Model";
}
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web:
WG List:
Author: Kent Watsen
Author: Gary Wu ";
description
"This module defines reusable groupings for SSH clients that
can be used as a basis for specific SSH client instances.
Copyright (c) 2019 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC
itself for full legal notices.;
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
are to be interpreted as described in BCP 14 (RFC 2119)
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
revision 2019-11-20 {
description
"Initial version";
reference
"RFC XXXX: YANG Groupings for SSH Clients and SSH Servers";
}
// Features
feature ssh-client-transport-params-config {
description
"SSH transport layer parameters are configurable on an SSH
client.";
}
feature ssh-client-keepalives {
description
"Per socket SSH keepalive parameters are configurable for
SSH clients on the server implementing this feature.";
}
// Groupings
grouping ssh-client-grouping {
description
"A reusable grouping for configuring a SSH client without
any consideration for how an underlying TCP session is
established.
Note that this grouping uses fairly typical descendent
node names such that a stack of 'uses' statements will
have name conflicts. It is intended that the consuming
data model will resolve the issue (e.g., by wrapping
the 'uses' statement in a container called
'ssh-client-parameters'). This model purposely does
not do this itself so as to provide maximum flexibility
to consuming models.";
container client-identity {
nacm:default-deny-write;
description
"The credentials used by the client to authenticate to
the SSH server.";
leaf username {
type string;
description
"The username of this user. This will be the username
used, for instance, to log into an SSH server.";
}
choice auth-type {
mandatory true;
description
"The authentication type. What happens when more than
one decendent is configured is undefined. FIXME.";
leaf password {
nacm:default-deny-all;
type string;
description
"A password to be used for client authentication.";
}
container public-key {
uses ks:local-or-keystore-asymmetric-key-grouping {
refine "local-or-keystore/local/local-definition" {
must 'public-key-format = "ct:ssh-public-key-format"';
}
// FIXME: also need a must expression to ensure the
// *referenced* key's public-key-format is
// "ct:ssh-public-key-format"
}
description
"A locally-defined or referenced asymmetric key
pair to be used for client authentication.";
reference
"RFC ZZZZ: YANG Data Model for a Centralized
Keystore Mechanism";
}
container certificate {
if-feature "sshcmn:ssh-x509-certs";
uses
ks:local-or-keystore-end-entity-cert-with-key-grouping;
description
"A locally-defined or referenced certificate
to be used for client authentication.";
reference
"RFC ZZZZ: YANG Data Model for a Centralized
Keystore Mechanism";
}
}
} // container client-identity
container server-authentication {
nacm:default-deny-write;
must 'ssh-host-keys or ca-certs or server-certs';
description
"Specifies how the SSH client can authenticate SSH servers.
Any combination of credentials is additive and unordered.";
container ssh-host-keys {
presence
"Indicates that the client can authenticate servers
using the configured SSH host keys.";
description
"A list of SSH host keys used by the SSH client to
authenticate SSH server host keys. A server host key
is authenticated if it is an exact match to a
configured SSH host key.";
reference
"RFC YYYY: YANG Data Model for Global Trust Anchors";
uses ts:local-or-truststore-host-keys-grouping;
}
container ca-certs {
if-feature "sshcmn:ssh-x509-certs";
presence
"Indicates that the client can authenticate servers
using the configured trust anchor certificates.";
description
"A set of certificate authority (CA) certificates used by
the SSH client to authenticate SSH servers. A server
is authenticated if its certificate has a valid chain
of trust to a configured CA certificate.";
reference
"RFC YYYY: YANG Data Model for Global Trust Anchors";
uses ts:local-or-truststore-certs-grouping;
}
container server-certs {
if-feature "sshcmn:ssh-x509-certs";
presence
"Indicates that the client can authenticate servers
using the configured server certificates.";
description
"A set of end-entity certificates used by the SSH client
to authenticate SSH servers. A server is authenticated
if its certificate is an exact match to a configured
server certificate.";
reference
"RFC YYYY: YANG Data Model for Global Trust Anchors";
uses ts:local-or-truststore-certs-grouping;
}
} // container server-authentication
container transport-params {
nacm:default-deny-write;
if-feature "ssh-client-transport-params-config";
description
"Configurable parameters of the SSH transport layer.";
uses sshcmn:transport-params-grouping;
} // container transport-parameters
container keepalives {
nacm:default-deny-write;
if-feature "ssh-client-keepalives";
presence "Indicates that keepalives are enabled.";
description
"Configures the keep-alive policy, to proactively test
the aliveness of the SSH server. An unresponsive TLS
server is dropped after approximately max-wait *
max-attempts seconds.";
leaf max-wait {
type uint16 {
range "1..max";
}
units "seconds";
default "30";
description
"Sets the amount of time in seconds after which if
no data has been received from the SSH server, a
TLS-level message will be sent to test the
aliveness of the SSH server.";
}
leaf max-attempts {
type uint8;
default "3";
description
"Sets the maximum number of sequential keep-alive
messages that can fail to obtain a response from
the SSH server before assuming the SSH server is
no longer alive.";
}
} // container keepalives
} // grouping ssh-client-grouping
}