RE: [Isms] #9: Can an existing R/R session be reused for notifications?

["Kaushik Narayan \(kaushik\)" <kaushik at cisco.com>]

I certainly hope we consider the possibility since SSH does allow
multiple channels to be created within a session.

We do need to consider the issue that the principals that are
authenticated in either direction are not symmetric and we might need to
figure out they can be mapped to allow a channel for NMS to agent to be
reused for agent to NMS. i.e In the case of a R/R channel, the client is
a NMS user that authenticates to the SSH server on the agent, the server
authenticates via it's public key. The agent (SNMP engine) will
authorize the requests based on that user. In case of notifications, we
will need the agent (notification originator) to authenticate the NMS
host identity via it's public key and provide client identity
(configured username)and credentials to authenticate itself to the NMS
(Notification reciever).

 

-----Original Message-----
From: isms-bounces at lists.ietf.org [mailto:isms-bounces at lists.ietf.org]
On Behalf Of David B Harrington
Sent: Thursday, October 13, 2005 2:51 PM
To: isms at ietf.org
Subject: [Isms] #9: Can an existing R/R session be reused for
notifications?



David Harrington
dbharrington at comcast.net




_______________________________________________
Isms mailing list
Isms at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/isms

_______________________________________________
Isms mailing list
Isms at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/isms