-
Notifications
You must be signed in to change notification settings - Fork 189
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
server UPDATE libnetconf2 module updates
- Loading branch information
1 parent
d6e748e
commit 47627ec
Showing
8 changed files
with
127 additions
and
153 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,55 +1,53 @@ | ||
| <netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server"> | ||
| <listen> | ||
| <endpoint> | ||
| <name>default-ssh</name> | ||
| <ssh> | ||
| <tcp-server-parameters> | ||
| <local-address>0.0.0.0</local-address> | ||
| <keepalives> | ||
| <idle-time>1</idle-time> | ||
| <max-probes>10</max-probes> | ||
| <probe-interval>5</probe-interval> | ||
| </keepalives> | ||
| </tcp-server-parameters> | ||
| <ssh-server-parameters> | ||
| <server-identity> | ||
| <host-key> | ||
| <name>default-key</name> | ||
| <public-key> | ||
| <keystore-reference>genkey</keystore-reference> | ||
| </public-key> | ||
| </host-key> | ||
| </server-identity> | ||
| <client-authentication> | ||
| <users> | ||
| <user> | ||
| <name>user</name> <!-- User name that can use this authorized key(s) to authenticate itself --> | ||
| <public-keys> | ||
| <use-system-keys xmlns="urn:cesnet:libnetconf2-netconf-server"/> <!-- Uses system authorized keys of the user automatically --> | ||
| <!-- Specific inline definition of an authorized key can be used INSTEAD of system authorized keys (select one method) | ||
| <inline-definition> | ||
| <public-key> | ||
| <name>my-authorized-key</name> | ||
| <public-key-format xmlns:ct="urn:ietf:params:xml:ns:yang:ietf-crypto-types">ct:ssh-public-key-format</public-key-format> | ||
| <public-key>base64==</public-key> - Copy here one line (key) from the authorized_keys of the user | ||
| </public-key> | ||
| </inline-definition> | ||
| <endpoints> | ||
| <endpoint> | ||
| <name>default-ssh</name> | ||
| <ssh> | ||
| <tcp-server-parameters> | ||
| <local-address>0.0.0.0</local-address> | ||
| </tcp-server-parameters> | ||
| <ssh-server-parameters> | ||
| <server-identity> | ||
| <host-key> | ||
| <name>default-key</name> | ||
| <public-key> | ||
| <central-keystore-reference>genkey</central-keystore-reference> | ||
| </public-key> | ||
| </host-key> | ||
| </server-identity> | ||
| <client-authentication> | ||
| <users> | ||
| <user> | ||
| <name>user</name> <!-- User name that can use this authorized key(s) to authenticate itself --> | ||
| <public-keys> | ||
| <use-system-keys xmlns="urn:cesnet:libnetconf2-netconf-server"/> <!-- Uses system authorized keys of the user automatically --> | ||
| <!-- Specific inline definition of an authorized key can be used INSTEAD of system authorized keys (select one method) | ||
| <inline-definition> | ||
| <public-key> | ||
| <name>my-authorized-key</name> | ||
| <public-key-format xmlns:ct="urn:ietf:params:xml:ns:yang:ietf-crypto-types">ct:ssh-public-key-format</public-key-format> | ||
| <public-key>base64==</public-key> - Copy here one line (key) from the authorized_keys of the user | ||
| </public-key> | ||
| </inline-definition> | ||
| --> | ||
| </public-keys> | ||
| <!-- Use password authentication INSTEAD of public keys (select one method) | ||
| <password>$0$pass</password> - Replace "pass" with a clear-text password of the user or use a hashed | ||
| password (details in iana-crypt-hash YANG module) | ||
| --> | ||
| </public-keys> | ||
| <!-- Use password authentication INSTEAD of public keys (select one method) | ||
| <password>pass</password> - Replace "pass" with the password of the user | ||
| --> | ||
|
|
||
| <!-- Use keyboard-interactive authentication INSTEAD of public keys (select one method) | ||
| <keyboard-interactive xmlns="urn:cesnet:libnetconf2-netconf-server"> | ||
| <use-system-auth/> - Will use system mechanisms for authentication the user, usually asking for their password | ||
| </keyboard-interactive> | ||
| --> | ||
| </user> | ||
| </users> | ||
| </client-authentication> | ||
| </ssh-server-parameters> | ||
| </ssh> | ||
| </endpoint> | ||
| <!-- Use keyboard-interactive authentication INSTEAD of public keys (select one method) | ||
| <keyboard-interactive xmlns="urn:cesnet:libnetconf2-netconf-server"> | ||
| <use-system-auth/> - Will use system mechanisms for authentication the user, usually asking for their password | ||
| </keyboard-interactive> | ||
| --> | ||
| </user> | ||
| </users> | ||
| </client-authentication> | ||
| </ssh-server-parameters> | ||
| </ssh> | ||
| </endpoint> | ||
| </endpoints> | ||
| </listen> | ||
| </netconf-server> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,45 +1,42 @@ | ||
| <netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server"> | ||
| <listen> | ||
| <endpoint> | ||
| <name>default-tls</name> | ||
| <tls> | ||
| <tcp-server-parameters> | ||
| <local-address>0.0.0.0</local-address> | ||
| <keepalives> | ||
| <idle-time>1</idle-time> | ||
| <max-probes>10</max-probes> | ||
| <probe-interval>5</probe-interval> | ||
| </keepalives> | ||
| </tcp-server-parameters> | ||
| <tls-server-parameters> | ||
| <server-identity> | ||
| <certificate> | ||
| <keystore-reference> | ||
| <asymmetric-key>serverkey</asymmetric-key> | ||
| <certificate>servercert</certificate> | ||
| </keystore-reference> | ||
| </certificate> | ||
| </server-identity> | ||
| <client-authentication> | ||
| <ca-certs> | ||
| <truststore-reference>cacerts</truststore-reference> | ||
| </ca-certs> | ||
| <ee-certs> | ||
| <truststore-reference>eecerts</truststore-reference> | ||
| </ee-certs> | ||
| </client-authentication> | ||
| </tls-server-parameters> | ||
| <netconf-server-parameters> | ||
| <client-identity-mappings> | ||
| <cert-to-name> | ||
| <id>1</id> | ||
| <fingerprint>02:20:E1:AD:CC:92:71:E9:EA:6A:85:DF:A7:FF:8C:BB:B9:D5:E4:EE:74</fingerprint> | ||
| <map-type xmlns:x509c2n="urn:ietf:params:xml:ns:yang:ietf-x509-cert-to-name">x509c2n:specified</map-type> | ||
| <name>tls-test</name> | ||
| </cert-to-name> | ||
| </client-identity-mappings> | ||
| </netconf-server-parameters> | ||
| </tls> | ||
| </endpoint> | ||
| <endpoints> | ||
| <endpoint> | ||
| <name>default-tls</name> | ||
| <tls> | ||
| <tcp-server-parameters> | ||
| <local-address>0.0.0.0</local-address> | ||
| </tcp-server-parameters> | ||
| <tls-server-parameters> | ||
| <server-identity> | ||
| <certificate> | ||
| <central-keystore-reference> | ||
| <asymmetric-key>serverkey</asymmetric-key> | ||
| <certificate>servercert</certificate> | ||
| </central-keystore-reference> | ||
| </certificate> | ||
| </server-identity> | ||
| <client-authentication> | ||
| <ca-certs> | ||
| <central-truststore-reference>cacerts</central-truststore-reference> | ||
| </ca-certs> | ||
| <ee-certs> | ||
| <central-truststore-reference>eecerts</central-truststore-reference> | ||
| </ee-certs> | ||
| </client-authentication> | ||
| </tls-server-parameters> | ||
| <netconf-server-parameters> | ||
| <client-identity-mappings> | ||
| <cert-to-name> | ||
| <id>1</id> | ||
| <fingerprint>02:20:E1:AD:CC:92:71:E9:EA:6A:85:DF:A7:FF:8C:BB:B9:D5:E4:EE:74</fingerprint> | ||
| <map-type xmlns:x509c2n="urn:ietf:params:xml:ns:yang:ietf-x509-cert-to-name">x509c2n:specified</map-type> | ||
| <name>tls-test</name> | ||
| </cert-to-name> | ||
| </client-identity-mappings> | ||
| </netconf-server-parameters> | ||
| </tls> | ||
| </endpoint> | ||
| </endpoints> | ||
| </listen> | ||
| </netconf-server> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -22,18 +22,18 @@ LN2_MODULES=( | |
| "[email protected]" | ||
| "[email protected]" | ||
| "[email protected] -e crypt-hash-md5 -e crypt-hash-sha-256 -e crypt-hash-sha-512" | ||
| "ietf-crypto-types@2023-04-17.yang -e cleartext-passwords -e cleartext-private-keys" | ||
| "ietf-keystore@2023-04-17.yang -e central-keystore-supported -e inline-definitions-supported -e asymmetric-keys" | ||
| "ietf-truststore@2023-04-17.yang -e central-truststore-supported -e inline-definitions-supported -e certificates -e public-keys" | ||
| "ietf-tcp-common@2023-04-17.yang -e keepalives-supported" | ||
| "ietf-tcp-server@2023-04-17.yang -e tcp-server-keepalives" | ||
| "ietf-tcp-client@2023-04-17.yang -e local-binding-supported -e tcp-client-keepalives" | ||
| "ietf-ssh-common@2023-04-17.yang -e transport-params" | ||
| "ietf-ssh-server@2023-04-17.yang -e local-users-supported -e local-user-auth-publickey -e local-user-auth-password -e local-user-auth-none" | ||
| "ietf-tls-common@2023-04-17.yang -e tls10 -e tls11 -e tls12 -e tls13 -e hello-params" | ||
| "ietf-tls-server@2023-04-17.yang -e server-ident-x509-cert -e client-auth-supported -e client-auth-x509-cert" | ||
| "ietf-netconf-server@2023-04-17.yang -e ssh-listen -e tls-listen -e ssh-call-home -e tls-call-home -e central-netconf-server-supported" | ||
| "libnetconf2-netconf-server@2023-09-07.yang" | ||
| "ietf-crypto-types@2023-12-28.yang -e cleartext-passwords -e cleartext-private-keys" | ||
| "ietf-keystore@2023-12-28.yang -e central-keystore-supported -e inline-definitions-supported -e asymmetric-keys" | ||
| "ietf-truststore@2023-12-28.yang -e central-truststore-supported -e inline-definitions-supported -e certificates -e public-keys" | ||
| "ietf-tcp-common@2023-12-28.yang -e keepalives-supported" | ||
| "ietf-tcp-server@2023-12-28.yang -e tcp-server-keepalives" | ||
| "ietf-tcp-client@2023-12-28.yang -e local-binding-supported -e tcp-client-keepalives" | ||
| "ietf-ssh-common@2023-12-28.yang -e transport-params" | ||
| "ietf-ssh-server@2023-12-28.yang -e local-users-supported -e local-user-auth-publickey -e local-user-auth-password -e local-user-auth-none" | ||
| "ietf-tls-common@2023-12-28.yang -e tls10 -e tls11 -e tls12 -e tls13 -e hello-params" | ||
| "ietf-tls-server@2023-12-28.yang -e server-ident-x509-cert -e client-auth-supported -e client-auth-x509-cert" | ||
| "ietf-netconf-server@2023-12-28.yang -e ssh-listen -e tls-listen -e ssh-call-home -e tls-call-home -e central-netconf-server-supported" | ||
| "libnetconf2-netconf-server@2024-01-15.yang" | ||
| ) | ||
|
|
||
| # get path to the sysrepocfg executable | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters