User guide
Configure Security Features
Chapter 1 Command Line Configuration Tasks 41
Configure SSH Version 2 Encryption for Secure Communication
Users can be configured to use SSH version 2 encryption for secure
communication. SSH keys need to be generated from your SSH client.
SSH is supported in Digi One IAP and all PortServer TS Family products.
To configure simple password authentication for an SSH user, no SSH-specific
configuration is required. Configure a user by entering:
#> set user name=name password=on
#> newpass name=name
where name is a user name. For example:
#> set user name=ssh-user1
#> newpass name=ssh-user1
For more information, see "set user" on page 230, and "newpass" on page
69.
Use a Public Key
To enable public key authentication and to associate a public key with a
user, enter:
#> set user name=name loadkey=host:key
where
• name is the name of a user
• host is either an IP address or DNS name of a host running TFTP that
holds
• key is the name of a file that contains the DSA public key. If your host’s
implementation requires a complete path to the file, specify the path
here as well. SSH keys need to be generated from your SSH client.
For example:
#> set user name=secure loadkey=192.168.2.34:ssh-file
See "set user" on page 230 for more information.
Make Reverse SSH Connections to Ports
The convention used to identify a port for a reverse SSH connection to a
Digi device is base_port + 500 + port_number. The base_port is
pre-configured as 2000, so by default the TCP port for a reverse SSH
connection is 2500 + port_number.
For example:
• Reverse SSH connection to Port 1: ssh 192.1.2.3 2501
• Reverse SSH connection to Port 4: ssh 192.1.2.3 2504
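The following Python sketch is an added example, not part of the Digi guide. It applies the port convention above in both directions, so that flow records can be mapped back to serial ports and reverse SSH connections from outside an admin subnet can be flagged. The 16-port unit, the 10.0.5.0/24 admin subnet, the function names and the sample records are assumptions constructed for illustration.

```python
import ipaddress

SSH_OFFSET = 500          # from the guide: base_port + 500 + port_number
DEFAULT_BASE_PORT = 2000  # from the guide: pre-configured base_port


def reverse_ssh_port(port_number, base_port=DEFAULT_BASE_PORT):
    """TCP port for a reverse SSH connection to serial port `port_number`."""
    if port_number < 1:
        raise ValueError("serial ports are numbered from 1")
    tcp_port = base_port + SSH_OFFSET + port_number
    if tcp_port > 65535:
        raise ValueError("result is not a valid TCP port")
    return tcp_port


def serial_port_for(tcp_port, port_count, base_port=DEFAULT_BASE_PORT):
    """Inverse mapping: serial port behind `tcp_port`, or None if not reverse SSH."""
    port_number = tcp_port - base_port - SSH_OFFSET
    return port_number if 1 <= port_number <= port_count else None


def audit(records, device_ip, port_count, allowed_nets):
    """Return (src, serial_port) for reverse SSH hits from outside allowed_nets."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    findings = []
    for src, dst, dport in records:
        if dst != device_ip:
            continue
        serial = serial_port_for(dport, port_count)
        if serial is None:
            continue
        if not any(ipaddress.ip_address(src) in n for n in nets):
            findings.append((src, serial))
    return findings


# Constructed sample flow records: (source IP, destination IP, destination TCP port)
SAMPLE = [
    ("10.0.5.20", "192.1.2.3", 2501),   # admin subnet -> serial port 1
    ("172.16.9.7", "192.1.2.3", 2504),  # outside admin subnet -> serial port 4
    ("172.16.9.7", "192.1.2.3", 2599),  # beyond a 16-port unit: ignored
    ("172.16.9.7", "192.1.2.9", 2502),  # different host: ignored
]

if __name__ == "__main__":
    for src, serial in audit(SAMPLE, "192.1.2.3", 16, ["10.0.5.0/24"]):
        print(f"{src} reached serial port {serial} over reverse SSH")
```

The same inverse mapping can be used to derive a firewall allowlist limited to the reverse SSH ports the unit actually has.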