| SMS Services | |
| Setting | Description |
| SSH | Secure communication connection used for CLI. Requires Super User access. SSH is enabled by default. When enabled, you can set the login grace time. The grace time is the amount of time a user has to enter a password and establish a connection. The SMS disconnects after this time if the user has not successfully logged in. The default is 60 seconds, but you can set the time from 30 to 600 seconds. A limit of three invalid SSH connection attempts can now be configured. When set at 3, the SSH disconnects after three unsuccessful attempts. |
| HTTPS | Secure network communication for web pages. Enabling HTTPS enables SMS web services. HTTPS is enabled by default. |
| HTTP | Unsecured network communication connection for web pages. Enabling HTTP enables SMS web services. |
| Telnet | An unsecured network connection is used for CLI, which requires Super User access. |
| Ping | Allows the SMS to respond to an ICMP request. Ping is enabled by default. |
From the SMS Client:
- Log in to the SMS from a client.
- On the SMS toolbar, navigate to the Admin > Server Properties tab.
- Select the Management tab.
- In the Services area, click the check box for the services you want to enable or uncheck the Enable check box for services you do not want to be enabled.
Note: HTTP and telnet are not enabled by default. Enabling these services opens unsecured network communications on the SMS server.
From the SMS CLI:
1. Log in to the SMS CLI via SSH
2. Run the command: get svc
Sample Output:
| FIPS mode | (svc.fips-enable ) | = disabled |
| FIPS transition mode | (svc.fips-transition) | = |
| Enable HTTP (non-secure web access) | (svc.http-enable ) | = no |
| Enable HTTPS (secure web access) | (svc.https-enable ) | = yes |
| Enable Network Time Protocol | (svc.ntp-enable ) | = yes |
| Enable inbound pings (ICMP Echo Resp) | (svc.ping-enable ) | = no |
| Enable SSH (secure remote CLI) | (svc.ssh-enable ) | = yes |
| Enable Telnet (non-secure remote CLI) | (svc.telnet-enable ) | = no |
To change (disable/enable) individual services, issue the "set" command followed by the string in parenthesis ().
Example: set svc.ping-enable = yes
You can verify that it was enabled by re-issuing the "get svc" command:
Sample Output:
| FIPS mode | (svc.fips-enable ) | = disabled |
| FIPS transition mode | (svc.fips-transition) | = |
| Enable HTTP (non-secure web access) | (svc.http-enable ) | = no |
| Enable HTTPS (secure web access) | (svc.https-enable ) | = yes |
| Enable Network Time Protocol | (svc.ntp-enable ) | = yes |
| Enable inbound pings (ICMP Echo Resp) | (svc.ping-enable ) | = yes |
| Enable SSH (secure remote CLI) | (svc.ssh-enable ) | = yes |
| Enable Telnet (non-secure remote CLI) | (svc.telnet-enable ) | = no |