Creating a Remote Command Console

The remote command console is created and managed as a facility in the standard iSM Administration Console. To create a new remote command console, click Command Consoles in the Facilities group on the left pane, as shown in the following image.

The Command Consoles pane opens, as shown in the following image.

If no remote command consoles have been configured, then the screen will be empty, as currently shown.

If a remote command console has been configured, then it will be listed in the Command Consoles pane (for example, Remote1), as shown in the following image.

Note: You can only have a single remote command console configured in any given configuration.

Click New in the Command Consoles pane to configure a remote command console.

The Command Consoles configuration pane opens, as shown in the following image.

The Command Consoles configuration pane contains a table with the following groups of parameters:

The first groups (Component Properties and Configuration Parameters for Command Console) define the remote command console and how it will be reached. If no other parameters are configured, then the remote command console will be a standard Telnet command console using the console realm for security.

The Security group can be configured as needed. In this case the remote command console will operate using SSH, with a configured realm (for example, LDAP) and an underlying SSH provider. For more information, see the iWay Service Manager Security Guide.

| Parameter | Applies to Telnet? | Applies to Telnet SSL? | Applies to SSH? |
|---|---|---|---|
| Allowable Clients | Yes | Yes | Yes |
| Security Type | N/A | N/A | N/A |
| Client Authentication | No | Yes | No |
| Authentication Realm | Yes | Yes | No |
| Security Provider | No | Yes (SSL provider) | Yes (SSH provider) |

Events are supported in the Events group, as shown in the following image.

The following table lists and describes each of the available configuration parameters for a remote command console.

Note: An asterisk indicates a required parameter.

| Parameter | Definition |
|---|---|
| Component Properties | |
| Name* | A unique name that will be used to identify the remote command console. |
| Description | A brief description for the remote command console, which will also be displayed in the Command Consoles pane. |
| Configuration Parameters for Command Console | |
| Port* | TCP port for receipt of Command Console requests. |
| Local Bind Address | Local bind address for multi-homed hosts. Usually left empty. |
| Session Timeout* | The maximum time between commands, in seconds. A value of zero (0) means no timeout. The highest maximum value that can be entered is 10000 seconds. The default value is 600 seconds. |
| Number of Connections | Reject new connections after the specified number of connections are active. A value between 1 and 20 must be entered. The default value is 1 connection. |
| Security | |
| Allowable Clients | If supplied, only messages from this list of fully qualified host names and/or IP addresses are accepted. Enter as a comma-separated list or use the _file() function. |
| Security Type | Select one of the following values from the drop-down list: none (implies that the connection and command stream are not encrypted); ssl (wraps the connection and command stream in an encrypted Secure Socket Layer (SSL)); ssh (provides secure shell (SSH) encryption and packet handling). The default value selected is none. |
| Client Authentication | If set to true and when the Security Type parameter is set to ssl, then the client's certificate must be trusted by the Telnet server for a connection to be created. Not used when the Security Type parameter is set to none or ssh. |
| Authentication Realm | When the Security Type parameter is set to none or ssl, then specify the name of a configured authentication realm to validate logins. For full access to management commands, the user must be assigned the admin role. If not supplied, logins will be delegated to the web console's user database. Not used when the Security Type parameter is set to ssh. For an SSH console, authentication options are configured in the SSH provider. |
| Security Provider | Required if security is enabled (Security Type parameter value of ssl or ssh). This security provider will be used to secure the channel. When the Security Type parameter is set to ssl, then specify the name of an SSL Context Provider. When the Security Type parameter is set to ssh, then specify an SSH Provider. |
| Events | |
| Channel Failure Flow | Name of a published process flow to run if this channel cannot start or fails during message use. The server will attempt to call this process flow during channel close down due to the error. |
| Channel Startup Flow | Name of a published process flow to run prior to starting the channel. |
| Channel Shutdown Flow | Name of a published process flow to run when the channel is shut down. |
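
The parameter rules above can be checked before a console is saved. The following is an added example, not part of the iWay documentation or product: a small Python audit that applies the applicability and range rules from the tables to a set of console values. The dictionary layout, the severity labels, and the sample port and provider values are assumptions made for illustration.

```python
# Added example. Keys mirror the parameter names on this page; the dict layout
# and the severity labels are assumptions, not an iSM format.
def audit_console(cfg):
    """Return (severity, parameter, message) findings for one console config."""
    out = []
    sec = cfg.get("Security Type", "none")            # page default: none
    timeout = int(cfg.get("Session Timeout", 600))    # page default: 600 seconds
    conns = int(cfg.get("Number of Connections", 1))  # page default: 1
    realm = cfg.get("Authentication Realm", "")
    client_auth = str(cfg.get("Client Authentication", "false")).lower() == "true"

    for required in ("Name", "Port"):
        if not cfg.get(required):
            out.append(("error", required, "required parameter is missing"))
    if sec not in ("none", "ssl", "ssh"):
        out.append(("error", "Security Type", "must be none, ssl or ssh"))
        return out
    if sec == "none":
        out.append(("warn", "Security Type",
                    "none: connection and command stream are not encrypted"))
    elif not cfg.get("Security Provider"):
        out.append(("error", "Security Provider", f"required when Security Type is {sec}"))
    if client_auth and sec != "ssl":
        out.append(("info", "Client Authentication", f"not used when Security Type is {sec}"))
    if sec == "ssh" and realm:
        out.append(("info", "Authentication Realm",
                    "not used with ssh; authentication is configured in the SSH provider"))
    if sec != "ssh" and not realm:
        out.append(("info", "Authentication Realm",
                    "not supplied: logins are delegated to the web console's user database"))
    if not cfg.get("Allowable Clients"):
        out.append(("warn", "Allowable Clients", "not supplied: no client list is enforced"))
    if not 0 <= timeout <= 10000:
        out.append(("error", "Session Timeout", "must be 0 to 10000 seconds"))
    elif timeout == 0:
        out.append(("warn", "Session Timeout", "0 means sessions never time out"))
    if not 1 <= conns <= 20:
        out.append(("error", "Number of Connections", "must be between 1 and 20"))
    return out

# Constructed sample inputs; port numbers and provider name are placeholders.
TELNET_DEFAULT = {"Name": "Remote1", "Port": 9023}
SSH_CONSOLE = {"Name": "Remote1", "Port": 9022, "Security Type": "ssh",
               "Security Provider": "ssh_provider_placeholder",
               "Allowable Clients": "10.0.0.5", "Session Timeout": 300}

if __name__ == "__main__":
    for label, cfg in (("telnet default", TELNET_DEFAULT), ("ssh", SSH_CONSOLE)):
        print(label, audit_console(cfg))
```

A console left at its defaults is reported as an unencrypted Telnet console with no client list, while the SSH sample produces no findings.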