Controller: /nodeworx/sshd¶
- Required Permissions
SSH
Action: autoRestart
¶
- Added in Version
4.7.0-339
- Description
Configure SSHD auto-restart.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
integer |
No* |
1, 0 |
0 |
With this option on, SSH will restart automatically if SSH goes down unexpectedly |
|
integer |
No |
1 |
Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually |
* indicates that it’s actually required, but probably already has a valid default value.
Action: fail
¶
- Added in Version
4.7.0-339
- Description
Magic function - test for failure mechanism.
Action: isRunning
¶
- Added in Version
4.7.0-339
- Description
Checks if the service is running or not.
Sample Output¶
array (
'status' => 0,
'payload' => true,
'reply_code' => 205,
)
Action: isRunningOnNode
¶
- Added in Version
4.7.0-339
- Description
Checks if the service is running on a specific node (Clustering only).
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
string |
No* |
* indicates that it’s actually required, but probably already has a valid default value.
Action: listGeneralName
¶
- Added in Version
4.7.0-339
- Description
Lists the “normal” name - ie “web server” instead of “httpd”.
Sample Output¶
array (
'status' => 0,
'payload' => '##LG_SSHSERVER##',
'reply_code' => 205,
)
Action: listPortNumbers
¶
- Added in Version
4.7.0-339
- Description
Lists a string of the port numbers that this service uses, comma-seperated.
Sample Output¶
array (
'status' => 0,
'payload' => '22',
'reply_code' => 205,
)
Action: listPortNumbersArray
¶
- Added in Version
4.7.0-339
- Description
Lists array of port numbers and ranges that this service uses.
Sample Output¶
array (
'status' => 0,
'payload' =>
array (
0 => 22,
),
'reply_code' => 205,
)
Action: listRequiredPermissions
¶
- Added in Version
4.7.0-339
- Description
Lists an array of permissions required to control the service.
Sample Output¶
array (
'status' => 0,
'payload' =>
array (
0 => 'SSH',
),
'reply_code' => 205,
)
Action: listServiceInfo
¶
- Added in Version
4.7.0-339
- Description
Lists the service name, ports, page, and status.
Sample Output¶
array (
'status' => 0,
'payload' =>
array (
'id' => 'sshd',
'name' => '##LG_SSHSERVER##',
'ports' => '22',
'page' => '/nodeworx/sshd',
'ctrl' => '/nodeworx/sshd',
'is_running' => 1,
),
'reply_code' => 205,
)
Action: listServiceName
¶
- Added in Version
4.7.0-339
- Description
Lists the service name - ie “httpd” instead of “web server”.
Sample Output¶
array (
'status' => 0,
'payload' => 'sshd',
'reply_code' => 205,
)
Action: listServicePage
¶
- Added in Version
4.7.0-339
- Description
Lists the page that controls the service.
Sample Output¶
array (
'status' => 0,
'payload' => '/nodeworx/sshd',
'reply_code' => 205,
)
Action: listSessions
¶
- Added in Version
4.8.0-393
- Description
Lists information about current shell sessions.
Sample Output¶
array (
'status' => 0,
'payload' =>
array (
),
'reply_code' => 205,
)
Action: queryAutoRestart
¶
- Added in Version
5.1.0-838
- Description
Displays the information available to the action “autoRestart”.
Sample Output¶
array (
'status' => 0,
'payload' =>
array (
'sshd_autorestart' => '0',
),
'reply_code' => 205,
)
Action: queryEditConf
¶
- Added in Version
5.1.0-838
- Description
Displays the information available to the action “editConf”.
Sample Output¶
array (
'status' => 0,
'payload' =>
array (
'file' => '/etc/ssh/sshd_config',
'file_content' => '# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don\'t trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don\'t read the user\'s ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes
# GSSAPI options
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
#GSSAPIEnablek5users no
# Set this to \'yes\' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to \'no\'.
# WARNING: \'UsePAM no\' is not supported in Red Hat Enterprise Linux and may cause several
# problems.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server',
),
'reply_code' => 205,
)
Action: queryUpdateConfig
¶
- Added in Version
5.1.0-838
- Description
Displays the information available to the action “updateConfig”.
Sample Output¶
array (
'status' => 0,
'payload' =>
array (
'port' => '22',
'allow_root' => 'yes',
'sshd_login_timeout' => '120',
'sshd_loglevel' => 'info',
'sshd_priv_separate' => 'yes',
),
'reply_code' => 205,
)
Action: reroute
¶
- Added in Version
4.7.0-339
- Description
Action to re-route from the current controller to a different one.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
string |
Yes |
Index, Overview, Users, Lang, Apikey, Plugins, Twofactorauth, Notice, Siteworx, Shell, Packages, Backup, Import, Softaculous, Reseller, ResellerPackages, ResellerBandwidthhistory, Http, Phpextensions, Ftp, Sshd, MailMta, MailSmtp, MailSmtp2, MailSend, MailMda, MailMsa, MailDovecot, MailSpam, MailVirus, MailMailman, MailQueue, Mysql, MysqlRemote, MysqlPhpmyadmin, Dns, DnsZone, DnsRecord, DnsSync, Nfs, NfsExport, NfsMount, Health, Cron, Firewall, Ssl, Logs, Settings, Updates, Rrd, … |
Action: restart
¶
- Added in Version
4.7.0-339
- Description
Restart the service.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
integer |
No |
1 |
Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually |
Action: restartOnNode
¶
- Added in Version
4.7.0-339
- Description
Restarts the service on a specific node (Clustering only).
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
string |
No* |
* indicates that it’s actually required, but probably already has a valid default value.
Action: start
¶
- Added in Version
4.7.0-339
- Description
Start the service.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
integer |
No |
1 |
Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually |
Action: startOnBoot
¶
- Added in Version
4.7.0-339
- Description
Configure SSHD start-on-boot.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
integer |
No* |
1, 0 |
1 |
If set to ‘Yes’, SSH will be automatically started when the server starts up. |
|
integer |
No |
1 |
Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually |
* indicates that it’s actually required, but probably already has a valid default value.
Action: startOnNode
¶
- Added in Version
4.7.0-339
- Description
Starts the service on a specific node (Clustering only).
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
string |
No* |
* indicates that it’s actually required, but probably already has a valid default value.
Action: stop
¶
- Added in Version
4.7.0-339
- Description
Stop the service.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
integer |
No |
1 |
Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually |
Action: stopOnNode
¶
- Added in Version
4.7.0-339
- Description
Stops the service on a specific node (Clustering only).
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
string |
No* |
* indicates that it’s actually required, but probably already has a valid default value.
Action: terminate
¶
- Added in Version
4.8.0-393
- Description
Terminate shell sessions.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
struct (integer) |
Yes |
Action: updateConfig
¶
- Added in Version
4.7.0-339
- Description
Configure SSHD server settings.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
integer |
No* |
22 |
||
|
string |
No* |
yes, without-password, forced-commands-only, no |
yes |
Sets whether the root user can log in via ssh. Options are: <ul><li><b>Yes</b> - Root user is permitted to log in</li><li><b>Without Password</b> - Disables password authentication for the root user.</li><li><b>Forced Command Only</b> - Login is allowed but only if a command option was specified. Example: <pre>ssh root@test.com uptime</pre></li><li><b>No</b> - Root user is not permitted to log in.</li> |
|
integer |
No* |
120 |
After this timeout period the server will disconnect a user who has not yet successfully logged in |
|
|
string |
No* |
quiet, fatal, error, info, verbose, debug1, debug2, debug3 |
info |
Sets the verbosity that is used when logging sshd messages |
|
string |
No* |
yes, no, sandbox |
yes |
Toggles privilege separation. Used to prevent privilege escalation during the authentication process. |
|
integer |
No |
1 |
Selecting this option causes the action to be replayed on all nodes of the cluster automatically, as if you had logged in to each node manually |
* indicates that it’s actually required, but probably already has a valid default value.
Action: updateRrd
¶
- Added in Version
4.7.0-339
- Description
Toggle SSHD rrd graph in web interface.
Input Parameters¶
Name |
Type |
Required? |
Example Values |
Default Values |
Notes |
---|---|---|---|---|---|
|
integer |
No* |
1, 0 |
1 |
Use the dropdown to turn the SSH server activity graph on or off. |
* indicates that it’s actually required, but probably already has a valid default value.
Action: win
¶
- Added in Version
4.7.0-339
- Description
Magic function - test for testing success mechanism.