Configuring Remote SSH Host Connectors

Scripts run via SSH on remote hosts (targets).

Connector Overview: Remote SSH Host

Capabilities

  • Collect: No

  • Respond: Yes

  • Native Alerts Mapped: No

  • Runs on: DP or Sensor

  • Interval: N/A

Collected Data

N/A

Domain

https://<Hostname>:<Port>

where <Hostname> and <Port> are variables from the configuration of this connector

Response Actions

Action

Required Fields

Run a Script

N/A (always enabled)

Third Party Native Alert Integration Details

N/A

Required Credentials

  • Hostname, Port, Username, and Password

               Let us know if you find the above overview useful.

Adding the Connector in Stellar Cyber

To add a new remote SSH host connector in Stellar Cyber:

  1. Log in to Stellar Cyber.

  2. Click System | Integration | Connectors. The Connector Overview appears.

  3. Click Create. The General tab of the Add Connector screen appears. The information on this tab cannot be changed after you add the connector.

    The asterisk (*) indicates a required field.

  4. Choose Remote Host from the Category drop-down.

  5. Choose SSH Host from the Type drop-down.

  6. For this connector, the supported Function is Respond, which is enabled already.

  7. Enter a Name.

    Notes:
    • This field does not accept multibyte characters.
    • It is recommended that you follow a naming convention such as tenantname-connectortype.
  8. Choose a Tenant Name. The Interflow records created by this connector include this tenant name.

  9. Choose the device on which to run the connector.

    • Certain connectors can be run on either a Sensor or a Data Processor. The available devices are displayed in the Run On menu. If you want to associate your collector with a sensor, you must have configured that sensor prior to configuring the connector or you will not be able to select it during initial configuration. If you select Data Processor, you will need to associate the connector with a Data Analyzer profile as a separate step. That step is not required for a sensor, which is configured with only one possible profile.

    • If the device you're connecting to is on premises, we recommend you run on the local sensor. If you're connecting to a cloud service, we recommend you run on the DP.

  10. Click Next. The Configuration tab appears.

  11. The asterisk (*) indicates a required field.

  12. Enter the Hostname.

    Do include https in the Hostname.

  13. Enter the Port.

  14. Enter the Username to log in to the SSH host.

  15. Enter the Password.

    The password should not include non-ASCII special characters.

  16. Click Next. The final confirmation tab appears.

  17. Click Submit.

The remote host is immediately added.