Attachmate Worldwide  |   Contact Us  |   NetIQ.com
Home » Support » Solution Library

Technical Notes

Configuring Secure Shell Connections Using Settings Files
Technical Note 1659
Last Reviewed 09-May-2005
Applies To
Reflection for HP version 10.0 or higher
Reflection for IBM version 10.0 or higher
Reflection for UNIX and OpenVMS version 10.0 or higher
Reflection Security Components version 10.x
Summary

This note describes how you can use the Reflection Profiler to create a site default settings file that configures every newly created Reflection session to use Secure Shell as the default connection type. Also, by running the macro described in this technical note, you can migrate prior version settings files, regardless of their current connection type, to use an SSH connection.

Before You Start

Before you begin, review the Reflection Deployment Guide, http://www.attachmate.com/docs/reflection/14.0/deploy.pdf, for an overview of how to customize a Reflection installation and how to prepare a profiled version of Reflection for distribution to your users. For information about Reflection Secure Shell, see Technical Note 1857 (version 13.0) or Technical Note 1727 (version 10.0 – 12.x).

Note the following:

  • Beginning in Reflection 13.0, the SSH connection is called Secure Shell. Earlier Reflection versions called the SSH connection OpenSSH.
  • Beginning in Reflection 11.0, Reflection security features are incorporated in the product. In Reflection 10.x, security features were provided as a separate component (Reflection Security Components), which is no longer available. If you require security features for Reflection 10.x, you must upgrade to a later version of Reflection.

Configuring Secure Shell Connections

You can use a site default settings file to configure every newly created session to use a Secure Shell connection type. And, if you have prior version settings files that don't use a Secure Shell connection type, you can create a migration macro that will change the connection type to Secure Shell.

Using a Site Default Settings File

In a site default settings file, you can define the default values for settings such as host connection, default toolbar, display, and keyboard mapping. For example, if you create a site default settings file with Secure Shell configured as the connection type, when Reflection is launched without a settings file, the site default settings file is loaded configuring Secure Shell as the connection type. If new settings are configured by a user during this session and then saved, the new settings and the site default settings will be saved to the same settings file. If a user sets Reflection to default settings, the site default settings that you defined will be used.

However, when Reflection is launched with prior version settings file, the site default settings file is not loaded, and therefore, the existing connection type remains as it was originally configured (the connection type is not changed to Secure Shell). If you want to migrate prior version settings files to change the connection type, you can use the Reflection Profiler to run a macro that will update these files.

Running a Macro to Migrate Existing Settings

The Reflection Profiler has a feature that enables you to use the Reflection scripting languages to run a macro, or script, when a settings file is loaded. When you use this feature to associate a macro with a settings file, when the settings are loaded, the associated macro is run prior to connection. By doing this you can introduce updated information to older settings files without having to manually update each file. For example, you can change the connection type to Secure Shell.

Configuring Secure Shell Connections for All New Settings Files

To configure Reflection to use Secure Shell connections for all new settings files, create a site default settings file with the Connection Type set to Secure Shell. This will also set Connection Setting SSH Term Type to VT220. Once created, use the Reflection Profiler to configure Reflection to reference the site default settings file whenever a new settings file is created.

Creating the Site Default Settings File

To configure Secure Shell connection settings:

Note: Prior to version 13.0, Secure Shell was called OpenSSH.

  1. Start Reflection for Windows. Click Connection > Connection Setup.
  2. In the Connect Using group box, select Network, and then select Secure Shell from the connection list.
  3. In the Connection Options group box, leave the user name blank so that this settings file can be shared with multiple users. If you only have one host, you can enter the host name. If you have multiple hosts, leave it blank.
  4. Optional. If you need to configure additional Secure Shell settings, click Security to open the Reflection Secure Shell Settings dialog box. Once you have configured the settings, click OK to save them. Secure Shell settings are saved to <My Documents>\Reflection\.ssh\config. To deploy the config file see the section on "Deploying Custom Secure Shell Settings" in Technical Note 1727. Click OK to exit the Connection Setup dialog box.
  5. Click File > Save and save the settings file. For this example, the saved file is named SiteSSH.r2w.

Save your settings file to a shared location on a network server or locally on the workstation. If you plan to deploy the site default file to users' workstations, save it to the same location as the Reflection executable (Program Files\Reflection).

Profiling Reflection to Use Site Default Settings

Once you have created the site default settings file, you can use the Reflection Profiler to configure Reflection to reference this settings file whenever a Reflection session is opened without a settings file. Use the Reflection Customization Manager (called Reflection Deployment Manager in versions earlier than 12.0) to run the Profiler and incorporate the site defaults into your deployment.

  1. Start Reflection Customization Manager and open your Administrative installation to customize a Reflection installation.
  2. Enter a name for the Windows Installer transform and click OK.
  3. On the Customize Reflection Installations panel, click Define Profiles and Default Settings.
  4. Select the Reflection Product you are using, and click Define.
  5. On the Files tab, in the "Site default settings file" group box, click Browse to open the Settings File dialog box. Browse and select the settings file you saved above (named SiteSSH.r2w). Click Open. You will see the path and name of the file. For example, C:\Program Files\Reflection\SiteSSH.r2w.
  6. Click OK to exit the Reflection for Windows Profiler.
  7. Click OK to exit the Define Profiles and Default Settings dialog box.
  8. Make any additional customizations as needed for your installation.
  9. Click Exit to close the Customization Manager.

Note: Reflection for Windows versions 10.0.0 through 10.0.2 does not support environment variable names in the path to the settings file. Starting in version 10.0.3, you can use environment variable names such as %ProgramFiles%.

Migrating Prior Version Settings Files to Use Secure Shell Connections

To configure prior version Reflection settings files to use Secure Shell connections, you must create and save a migration macro. Once created, use the Reflection Profiler to configure Reflection to run the macro when opening a settings file.

Creating and Saving a Migration Macro

Use the migration macro below to convert prior version settings files to use a Secure Shell connection.

When Reflection is launched and a settings file is opened, this migration macro checks the connection type. If the connection type is not Secure Shell, the macro saves the current host name, changes the connection type, and prompts for the user name.

To use this macro,

  1. Launch Reflection with SiteSSH.r2w.
  2. Click Macro > Visual Basic Editor.
  3. In the Visual Basic Editor, click Insert > Module.
  4. Copy and paste the code to the editor.
  5. Click File > Save to save the macro.
Sub SetSSH()
    With Session
    If .ConnectionType <> "OpenSSH" Then
        'Save the hostname if currently set. This value is
        'set to null when you change the value of .ConnectionType.
         myHostName = .ConnectionSetting("Host")
       
        'Set connection to OpenSSH.
        .ConnectionType = "OpenSSH"
        
        'If the host name is empty, then prompt user to supply it.
        If myHostName = "" Then
            myHostName = .InputBox("Host to connect", _
            "OpenSSH Host Name")
            If myHostName = "" Then
                Exit Sub
            End If
        End If
        .ConnectionSettings = "Host " & myHostName
       
        'Find out the username
        myUserName = .ConnectionSetting("UserName")
            
        'If the UserName is empty prompt the user to supply it.
        If myUserName = "" Then
              myUserName = .InputBox("Please enter your user name.", _
                "OpenSSH UserName")
              If myUserName = "" Then Exit Sub
         End If
         .ConnectionSettings = "UserName " & myUserName

    End If
End With
End Sub


Profiling Reflection to Run Script When Opening a Settings File

Configure the Reflection Profiler to run the script when opening a prior version settings file. Use the Reflection Customization Manager (called Reflection Deployment Manager in versions earlier than 12.0) to run the macro.

  1. Start Reflection Customization Manager and open your Administrative installation to customize a Reflection installation.
  2. Enter a name for the Windows Installer transform and click OK.
  3. On the Customize Reflection Installations panel, click Define Profiles and Default Settings.
  4. Select the Reflection product you are using, and click Define.
  5. On the Files tab, in the "When a settings file is opened" group box, under "Run this script or macro when a prior version is opened," click Browse and select the settings file you saved above. Click Open. You will now see the path and name of file followed by /<MacroName>. You must specify the macro name. It is also good practice to specify the module name. In the example above, you would enter module1.SetSSH. For example,
C:\Program Files\Reflection\SiteSSH.r2w/module1.SetSSH

This will configure the script to run whenever a prior version settings file is opened.

  1. Click OK to exit the Reflection for Windows Profiler.
  2. Click OK to exit the Define Profiles and Default Settings dialog box.
  3. Make any additional customizations as needed for your installation.
  4. Click Exit to close the Customization Manager.

Note the following:

  • If you want to deploy the settings file that contains the migration macros to the workstation, you can use Reflection Customization Manager to create a companion package or use other deployment tools, such as SMS, to deploy the file. You must deploy it to the same path and name specified in step 5.
  • Reflection for Windows versions 10.0.0 through 10.0.2 does environment variable names in the path to the settings file. Starting in version 10.0.3, you can use environment variable names such as ProgramFiles.
Related Technical Notes
1727 Best Practices for Configuring Reflection OpenSSH
1857 Best Practices for Configuring Reflection Secure Shell
9993 Index of Reflection Scripting Technical Notes

Did this technical note answer your question?

Yes    No    Somewhat     Not sure yet

Additional comments about this tech note:

Need further help? For technical support, please contact Support.