![](/images/new-backgrounds/1118193/118193119x1.webp)
Password Protection
To configure simple password authentication for an SSH user, no
set user name=name password=on
newpass name=name
where name is a user name
Example:
set user
newpass
Using a Public Key
To enable public key authentication and to associate a public key with a user, enter the following command:
set user name=name loadkey=host:key
where
•name is the name of a user
•host is either an IP address or DNS name of a host running TFTP that holds
•key is the name of a file that contains the DSA public key. If your host’s implementation requires a complete path to the file, specify the path here as well.
Example:
set user name=secure
Making Reverse SSH Connections to Ports
The convention used to identify a port for a reverse SSH connection to a Digi device is to use 2500 + the port number. See the examples that follow for more information.
Example: Reverse SSH Connection to Port 1
ssh 192.1.2.3 2501
Example: Reverse SSH Connection to Port 4
ssh 192.1.2.3 2504
Controlling Access to Services
This section describes how to disable services, such as Telnet and Rlogin, for inbound users, which means that they cannot access the Digi device using those services. This feature allows you to turn off individual services or to specify a security level, which means that all services not included in that level are turned off.
Services that Can Be Turned Off
The following services can be turned off.
•HTTP
60 | Chapter 12 Configuring Security Features |