zERT SSH Summary |
  
|
zERT SSH Summary |
|
This report lists zERT entries and encryption attributes for SSH connections.
Entries are grouped by local IP address, server port and cryptographic attributes.
The report is divided into Server and Client tabs.
Report Parameters
Parameter |
Description |
System |
The SMF ID of the system that wrote the record. |
Jobname |
Local job name. |
Userid |
Local userid. |
IP Address |
Local or remote IP address |
Port |
Server port |
Exclude Loopback |
Exclude connections to the loopback address 127.0.0.1 or ::1 from the report. |
Auth Method |
Filter by first or last authentication method. |
Enc Alg |
Filter by inbound or outbound encryption algorithm. |
Msg Auth |
Filter by inbound or outbound message authentication algorithm. |
Kex Method |
Filter by key exchange method. |
Sig Method |
Filter by server or client certificate signature method. |
Cert Enc Method |
Filter by server or client certificate encryption method. |
Cert Digest Alg |
Filter by server or client certificate digest algorithm |
Key Type |
Filter by key type (raw client or server key, client or server certificate key). |
Columns
Column |
Description |
System |
The system that wrote the record. |
Server IP |
IP Address of the server end of the connection. |
Client IP |
IP Address of the client end of the connection. |
Port |
The server port for the connection, or the starting value of the port range. |
Protocol Ver |
SSH protocol version. |
First Auth |
First or only peer authentication method. |
Last Auth |
The last peer authentication method, if there were multiple. |
Inbound Enc Alg |
Encryption algorithm for inbound traffic. |
Inbound Msg Auth |
Message authentication algorithm for inbound traffic. |
Outbound Enc Alg |
Encryption algorithm for outbound traffic. |
Outbound Msg Auth |
Message authentication algorithm for outbound traffic. |
Kex Method |
Key exchange method. |
Server Key Type |
Server key type. |
Server Key Len |
Server key length. |
Client Key Type |
Client key type. |
Client Key Len |
Client key length. |
Entries |
The number of entries in this grouping. |
Jobname |
The z/OS job name associated with the socket. |
Userid |
The z/OS userid associated with the socket. |
From |
The start time of the first grouped interval. |
To |
The end time of the last grouped interval. |
Connections |
The count of connections in the group - the end connection count minus start connection count for each interval. |
Short Connections |
The count of short connections (less than 10 seconds). |
Partial Connections |
The count of partial connections: connections where the connection existed before or continued to exist after the security session. |
Server Cert Sig Method |
Server certificate signature method. |
Server Cert Enc Method |
Server certificate encryption method. |
Server Cert Digest Alg |
Server certificate digest algorithm. |
Server Cert Key Type |
Server certificate key type. |
Server Cert Key Len |
Server certificate key length. |
Client Cert Sig Method |
Client certificate signature method. |
Client Cert Enc Method |
Client certificate encryption method. |
Client Cert Digest Alg |
Client certificate digest algorithm. |
Client Cert Key Type |
Client certificate key type. |
Client Cert Key Len |
Client certificate key length. |
Source |
Source of the information: Observation or Provider. |