SNMP-SSH-TM-MIB DEFINITIONS ::= BEGIN

IMPORTS
	MODULE-IDENTITY,
	OBJECT-TYPE,
	OBJECT-IDENTITY,
	mib-2,
	snmpDomains,
	Counter32
		FROM SNMPv2-SMI		-- RFC 2578
	TEXTUAL-CONVENTION
		FROM SNMPv2-TC		-- RFC 2579
	MODULE-COMPLIANCE,
	OBJECT-GROUP
		FROM SNMPv2-CONF		-- RFC 2580
;

snmpSshtmMIB MODULE-IDENTITY
	LAST-UPDATED "200906090000Z"	-- Jun 9, 2009 12:00:00 AM
	ORGANIZATION "ISMS Working Group"
	CONTACT-INFO
		"WG-EMail:   isms@lists.ietf.org
		Subscribe:  isms-request@lists.ietf.org

		Chairs:
		  Juergen Quittek
		  NEC Europe Ltd.
		  Network Laboratories
		  Kurfuersten-Anlage 36
		  69115 Heidelberg
		  Germany
		  +49 6221 90511-15
		  quittek@netlab.nec.de

		  Juergen Schoenwaelder
		  Jacobs University Bremen
		  Campus Ring 1
		  28725 Bremen
		  Germany
		  +49 421 200-3587
		  j.schoenwaelder@jacobs-university.de

		Co-editors:
		  David Harrington
		  Huawei Technologies USA
		  1700 Alma Drive
		  Plano Texas 75075





		  USA
		  +1 603-436-8634
		  ietfdbh@comcast.net

		  Joseph Salowey
		  Cisco Systems
		  2901 3rd Ave
		  Seattle, WA 98121
		  USA
		  jsalowey@cisco.com

		  Wes Hardaker
		  Cobham Analytic Solutions
		  P.O. Box 382
		  Davis, CA  95617
		  USA
		  +1 530 792 1913
		  ietf@hardakers.net

		"
	DESCRIPTION
		"The Secure Shell Transport Model MIB.

		Copyright (c) 2009 IETF Trust and the persons
		identified as authors of the code.  All rights reserved.

		Redistribution and use in source and binary forms, with or
		without modification, are permitted provided that the
		following conditions are met:

		- Redistributions of source code must retain the above copyright
		  notice, this list of conditions and the following disclaimer.

		- Redistributions in binary form must reproduce the above
		  copyright notice, this list of conditions and the following
		  disclaimer in the documentation and/or other materials
		  provided with the distribution.

		- Neither the name of Internet Society, IETF or IETF Trust,
		  nor the names of specific contributors, may be used to endorse
		  or promote products derived from this software without
		  specific prior written permission.

		THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
		CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES,
		INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
		MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
		DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
		CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,





		SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
		NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
		HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
		CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
		OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
		EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

		This version of this MIB module is part of RFC 5592;
		see the RFC itself for full legal notices."
	REVISION "200906090000Z"	-- Jun 9, 2009 12:00:00 AM
	DESCRIPTION
		"The initial version, published in RFC 5592."
	-- 1.3.6.1.2.1.189
	::= { mib-2 189 }


-- ------------------------------------------------------------
-- subtrees in the SNMP-SSH-TM-MIB
-- ------------------------------------------------------------

snmpSshtmNotifications OBJECT IDENTIFIER 
	-- 1.3.6.1.2.1.189.0
	::= { snmpSshtmMIB 0 }

snmpSshtmObjects OBJECT IDENTIFIER 
	-- 1.3.6.1.2.1.189.1
	::= { snmpSshtmMIB 1 }

snmpSshtmConformance OBJECT IDENTIFIER 
	-- 1.3.6.1.2.1.189.2
	::= { snmpSshtmMIB 2 }

-- -------------------------------------------------------------
-- Objects
-- -------------------------------------------------------------

snmpSSHDomain OBJECT-IDENTITY
	STATUS  current
	DESCRIPTION
		"The SNMP-over-SSH transport domain.  The corresponding
		transport address is of type SnmpSSHAddress.

		When an SNMP entity uses the snmpSSHDomain Transport
		Model, it must be capable of accepting messages up to
		and including 8192 octets in size.  Implementation of
		larger values is encouraged whenever possible.

		The securityName prefix to be associated with the
		snmpSSHDomain is 'ssh'.  This prefix may be used by Security
		Models or other components to identify which secure transport
		infrastructure authenticated a securityName."
	-- 1.3.6.1.6.1.7
	::= { snmpDomains 7 }

SnmpSSHAddress ::= TEXTUAL-CONVENTION
	DISPLAY-HINT "1a"
	STATUS  current
	DESCRIPTION
		"Represents either a hostname or IP address, along with a port
		number and an optional user name.

		The beginning of the address specification may contain a
		user name followed by an '@' (US-ASCII character 0x40).  This
		portion of the address will indicate the user name that should
		be used when authenticating to an SSH server.  The user name
		must be encoded in UTF-8 (per [RFC4252]).  If missing, the
		SNMP securityName should be used.  After the optional user
		name field and '@' character comes the hostname or IP
		address.

		The hostname is always in US-ASCII (as per RFC1033);
		internationalized hostnames are encoded in US-ASCII as
		specified in RFC 3490.  The hostname is followed by a colon
		':' (US-ASCII character 0x3A) and a decimal port number in
		US-ASCII.  The name SHOULD be fully qualified whenever
		possible.

		An IPv4 address must be in dotted decimal format followed
		by a colon ':' (US-ASCII character 0x3A) and a decimal port
		number in US-ASCII.

		An IPv6 address must be in colon-separated format, surrounded
		by square brackets ('[', US-ASCII character 0x5B, and ']',
		US-ASCII character 0x5D), followed by a colon ':' (US-ASCII
		character 0x3A) and a decimal port number in US-ASCII.

		Values of this Textual Convention might not be directly usable
		as transport-layer addressing information and may require
		runtime resolution.  As such, applications that write them
		must be prepared for handling errors if such values are
		not supported or cannot be resolved (if resolution occurs
		at the time of the management operation).

		The DESCRIPTION clause of TransportAddress objects that may
		have snmpSSHAddress values must fully describe how (and
		when) such names are to be resolved to IP addresses and vice
		versa.

		This Textual Convention SHOULD NOT be used directly in
		object definitions since it restricts addresses to a
		specific format.  However, if it is used, it MAY be used
		either on its own or in conjunction with
		TransportAddressType or TransportDomain as a pair.







		When this Textual Convention is used as a syntax of an
		index object, there may be issues with the limit of 128
		sub-identifiers, which is specified in SMIv2 (STD 58).  It
		is RECOMMENDED that all MIB documents using this Textual
		Convention make explicit any limitations on index
		component lengths that management software must observe.
		This may be done either by including SIZE constraints on
		the index components or by specifying applicable
		constraints in the conceptual row DESCRIPTION clause or
		in the surrounding documentation.

		"
	REFERENCE
		"RFC 1033: DOMAIN ADMINISTRATORS OPERATIONS GUIDE
		RFC 3490: Internationalizing Domain Names in Applications
		RFC 3986: Uniform Resource Identifier (URI): Generic Syntax
		RFC 4252: The Secure Shell (SSH) Authentication Protocol"
	SYNTAX OCTET STRING (SIZE (1..255))


-- The snmpSshtmSession Group

snmpSshtmSession OBJECT IDENTIFIER 
	-- 1.3.6.1.2.1.189.1.1
	::= { snmpSshtmObjects 1 }

snmpSshtmSessionOpens OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of times an openSession() request has been
		executed as an SSH client, whether it succeeded or
		failed.

		"
	-- 1.3.6.1.2.1.189.1.1.1
	::= { snmpSshtmSession 1 }


snmpSshtmSessionCloses OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of times a closeSession() request has been
		executed as an SSH client, whether it succeeded or
		failed.

		"
	-- 1.3.6.1.2.1.189.1.1.2
	::= { snmpSshtmSession 2 }


snmpSshtmSessionOpenErrors OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of times an openSession() request
		failed to open a transport connection or failed to
		authenticate the server.

		"
	-- 1.3.6.1.2.1.189.1.1.3
	::= { snmpSshtmSession 3 }


snmpSshtmSessionUserAuthFailures OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of times an openSession() request
		failed to open a session as an SSH client due to
		user-authentication failures.

		"
	-- 1.3.6.1.2.1.189.1.1.4
	::= { snmpSshtmSession 4 }


snmpSshtmSessionNoChannels OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of times an openSession() request
		failed to open a session as an SSH client due to
		channel-open failures.

		"
	-- 1.3.6.1.2.1.189.1.1.5
	::= { snmpSshtmSession 5 }


snmpSshtmSessionNoSubsystems OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of times an openSession() request
		failed to open a session as an SSH client due to
		inability to connect to the requested subsystem.

		"
	-- 1.3.6.1.2.1.189.1.1.6
	::= { snmpSshtmSession 6 }


snmpSshtmSessionNoSessions OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of times an outgoing message was
		dropped because the same session was no longer
		available.

		"
	-- 1.3.6.1.2.1.189.1.1.7
	::= { snmpSshtmSession 7 }


snmpSshtmSessionInvalidCaches OBJECT-TYPE
	SYNTAX  Counter32
	MAX-ACCESS read-only
	STATUS  current
	DESCRIPTION
		"The number of outgoing messages dropped because the
		tmStateReference referred to an invalid cache.

		"
	-- 1.3.6.1.2.1.189.1.1.8
	::= { snmpSshtmSession 8 }


-- ************************************************
-- snmpSshtmMIB - Conformance Information
-- ************************************************

snmpSshtmCompliances OBJECT IDENTIFIER 
	-- 1.3.6.1.2.1.189.2.1
	::= { snmpSshtmConformance 1 }

snmpSshtmGroups OBJECT IDENTIFIER 
	-- 1.3.6.1.2.1.189.2.2
	::= { snmpSshtmConformance 2 }


-- ************************************************
-- Compliance statements
-- ************************************************

snmpSshtmCompliance MODULE-COMPLIANCE
	STATUS  current
	DESCRIPTION
		"The compliance statement for SNMP engines that
		support the SNMP-SSH-TM-MIB."

	MODULE 
	MANDATORY-GROUPS {
			snmpSshtmGroup }

	-- 1.3.6.1.2.1.189.2.1.1
	::= { snmpSshtmCompliances 1 }

-- ************************************************
-- Units of conformance
-- ************************************************

snmpSshtmGroup OBJECT-GROUP
	OBJECTS {
		snmpSshtmSessionOpens,
		snmpSshtmSessionCloses,
		snmpSshtmSessionOpenErrors,
		snmpSshtmSessionUserAuthFailures,
		snmpSshtmSessionNoChannels,
		snmpSshtmSessionNoSubsystems,
		snmpSshtmSessionNoSessions,
		snmpSshtmSessionInvalidCaches }
	STATUS  current
	DESCRIPTION
		"A collection of objects for maintaining information
		of an SNMP engine that implements the SNMP Secure
		Shell Transport Model.

		"
	-- 1.3.6.1.2.1.189.2.2.2
	::= { snmpSshtmGroups 2 }

END
