SSH Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

131

132

133

134

135

136

137

138

139

140

allow defining default values for these USER attributes on a global level. If multiple CPUs are configured, then these

will be used in a round-robin fashion.

Another way of load balancing of incoming SSH connections is to configure multiple IP processes for one SSH2 process

(see parameter SUBNET) and let users connect to different IP addresses of the NonStop system. In this way the TCP/IP

traffic load is distributed over the CPUs if the configured TCP/IP processes run in different CPUs.

Fault Tolerance

SSH2 can be configured to ensure constant availability of NonStop-based SSH applications across the network. Running

on the Guardian platform, SSH2 takes advantage of the fundamental availability characteristics of NonStop™.

SSH2 services can be configured as generic processes, enabling automatic recovery from failures, such as CPU outages.

SSH2 can also be started as a NonStop process pair. Both mechanisms will not prevent sessions to fail after the primary

CPU of the SSH2 process goes down. However, SSH2 will restart operation in a backup CPU, ensuring that clients can

reconnect immediately.

Configuring SSH2 as a NonStop Process Pair

SSH2 can easily be started as a NonStop process pair by specifying the BACKUPCPU parameter as follows:

RUN SSH2/ NAME $SSH00, CPU 0, .../ ALL; BACKUPCPU ANY; ...

In case of a failure of the primary CPU, the backup process of SSH2 will take over and restart the operation.

Configuring SSH2 as a Generic Process

The following sample SCF commands can be used to configure a SSH2 server as a generic process:

ALLOW ALL ERRORS

ASSUME PROCESS $ZZKRN

ABORT #SSH2

DELETE #SSH2

ADD #SSH2, AUTORESTART 10, &

HOMETERM $ZHOME, &

PRIORITY 158, &

PROGRAM $SYSTEM.COMFSSH2.SSH2, &

DEFAULTVOL $SYSTEM.COMFSSH2, &

NAME $SSH2, &

STARTUPMSG "SERVER; PORT 22; SUBNET $ZTC01; LOGCONSOLE *; &

LOGFILE SSHLOG ", &

STARTMODE MANUAL, &

USERID SUPER.SUPER , &

CPU FIRST

START #SSH2

INFO #SSH2

STATUS #SSH2

Before running SSH2 as a generic process, we recommend that you have a working RUN SSH2 command at the TACL

level. This command should be easy to convert to the respective SCF ADD command. For example, the SSH2 startup

line parameters are specified with the STARTUPMESSAGE parameter.

If running SSH2 as a generic process, we recommend that users send the SSH2 log output to a log file instead of writing

it to the home terminal, which is the default approach. In the example above, console logging is turned off, while log

messages are written to the SSHLOG file on the default volume.

If you want to configure multiple SSH2 servers listening on the same port with parallel library TCP/IP or TCP/IPV6

round-robin filtering, you may specify the filter key with the PTCPIPFILTERKEY

configuration parameter or add define

=PTCPIP^FILTER^KEY for the generic process (defines can be added to generic processes since G06.28/H06.06).

HP NonStop SSH Reference Manual Configuring and Running SSH2 • 135