User Manual

IP Establishing Sessions
When the SCS first powers on, it generates an ephemeral host key which is regenerated every hour.
Incoming SSH connections will not be permitted until this key generation is complete. Outgoing SSH is not
affected.
To form an SSH connection to an SCS, start your SSH client software. On UNIX, the appropriate command
is ssh followed by the SCS name. To connect to a specific SCS port, use serial network port 22xx, where xx
is the port number. In the example below, an SSH connection is formed to port 2 of scs2. For the appropriate
SSH options for your system, enter man ssh or view your client software’s help files for a full listing of
instructions and syntax requirements.
Figure 6-27: Forming an SSH Connection
This command initiates the authentication protocol, which involves server authentication through
permanent host keys (which requires no user interaction after initial setup) and user authentication.
Note: For a successful incoming SSH connection, RSA and/or local password user
authentication must be configured.
6.5.2.1 Permanent Host Key
When you power on the SCS for the first time, it generates a permanent host key. The SCS uses this key to
identify itself, and the key is replaced (with a new key) only if the file storing it is deleted and the SCS
is rebooted. The key pair is stored in /flash/ssh/host_rsa_key.pub and /flash/ssh/host_rsa_key.
The Server may take a few minutes to generate a new Server key if it is ever deleted. Clients connecting to
a Server with a new host key may display appropriate warning or error messages.
6.5.2.2 RSA User Authentication
If you plan to use RSA user authentication for connections to the SCS, you must create an
AUTHORIZED_KEYS file and store it in the SCS’s /flash/ssh/ directory before you attempt your first SSH
connection. The AUTHORIZED_KEYS file contains the public keys of each user. For example, on a UNIX
host, your public key is stored in a file called .ssh/identity.pub.
Create a file including the complete text of your identity.pub file, plus the public keys of any other users
you want to authenticate for connections to the SCS, and save it in the SCS’s /flash/ssh/ directory.
If this file is found at SSH connection time, and the public key of the user is valid, the user will
automatically be logged into the Local> prompt or, if user authentication is configured on that port, the user
may be prompted for a username and password. See Database Configuration on page 11-8 for information
on configuring user authentication.
If this file is not located at connection time, the SCS proceeds to password authentication.
Command shown in Figure 6-27:
% ssh -p2202 scs2
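
One way to assemble and sanity-check the AUTHORIZED_KEYS file described in 6.5.2.2 on a UNIX host before storing it on the SCS, as an added example that is not from the manual or the vendor. It assumes each identity.pub holds one SSH protocol 1 RSA key line (bits, exponent, modulus, optional comment); the function names, the MIN_BITS policy and the sample keys are constructed for illustration.

```shell
#!/bin/sh
# Added example, not vendor code. Assumption: each identity.pub holds one SSH
# protocol 1 RSA public key on one line: <bits> <exponent> <modulus> [comment]
MIN_BITS=${MIN_BITS:-1024}   # assumed local policy, not a value from the manual

# valid_key_line LINE: succeeds only for a complete, well-formed key line.
valid_key_line() {
    printf '%s\n' "$1" | awk -v min="$MIN_BITS" '
        NF >= 3 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ &&
        $1 + 0 >= min + 0 &&
        length($3) >= int(($1 - 1) * 0.30103) { ok = 1 }  # modulus not truncated
        END { exit(ok ? 0 : 1) }'
}

# build_authorized_keys OUT PUBKEY_FILE...: writes OUT only if every input passes.
build_authorized_keys() {
    out=$1; shift
    tmp="$out.tmp.$$"
    : > "$tmp" || return 1
    for f in "$@"; do
        # Exactly one non-empty line; this also rejects a private key file
        # (.ssh/identity) passed by mistake.
        lines=$(grep -c . "$f" 2>/dev/null || true)
        key=$(grep . "$f" 2>/dev/null | head -n 1 || true)
        if [ "$lines" != 1 ] || ! valid_key_line "$key"; then
            echo "rejected: $f" >&2; rm -f "$tmp"; return 1
        fi
        # Append unless the same bits/exponent/modulus is already listed.
        id=$(printf '%s\n' "$key" | awk '{ print $1, $2, $3 }')
        awk -v id="$id" '($1 " " $2 " " $3) == id { dup = 1 }
            END { exit(dup ? 0 : 1) }' "$tmp" || printf '%s\n' "$key" >> "$tmp"
    done
    chmod 644 "$tmp" && mv "$tmp" "$out"
}

# Constructed sample keys (generated digits, not real moduli).
demo() {
    d=$(mktemp -d) || return 1
    mod=$(awk 'BEGIN { for (i = 0; i < 308; i++) printf "%d", (i * 7 + 3) % 10 }')
    echo "1024 35 $mod alice@host" > "$d/alice.pub"
    echo "1024 37 ${mod}1 bob@host" > "$d/bob.pub"
    echo "1024 35 12345 carol@host" > "$d/truncated.pub"   # incomplete paste
    build_authorized_keys "$d/AUTHORIZED_KEYS" "$d/alice.pub" "$d/bob.pub" "$d/alice.pub" &&
        ! build_authorized_keys "$d/bad" "$d/truncated.pub" 2>/dev/null &&
        grep -c . "$d/AUTHORIZED_KEYS"   # prints 2: the repeated alice key is dropped
    rm -rf "$d"
}
demo
```

The truncated-modulus check catches a key that was not copied as the complete text of identity.pub, which would otherwise silently send that user to password authentication.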