8: SSH and SSL Security

b)If the keys do not exist, select the Create New Keys section. Click host keys.

Key Type and the key’s Bit Size from the Submit to create new private and public

Note: Generating new keys with a large bit size results in very long key generation time.

3.Click SSH Æ Server Auth Users from the navigation menu. The SSH Server: Authorized Users page displays.

4.Enter the Username and Password for authorized users.

5.If available: locate the Public RSA Key or the Public DSA Key by clicking Browse. Configuring a public key results in public key authentication; this bypasses password queries.

Note: When uploading the certificate and the private key, ensure the private key is not compromised in transit.

SSH Client Configuration

To configure the XPort AR as an SSH client, there is one requirement:

‹An SSH client user is configured and exists on the remote SSH server.

To configure SSH client settings:

1.Click SSH Æ Client Users from the navigation menu. The SSH Client: Users page displays.

2.(Required) Enter the Username and Password to authenticate with the SSH server.

3.(Optional) Complete the SSH client user information as necessary. The Private Key and Public Key automate the authentication process; when configured and the user public key is known on the remote SSH server, the SSH server does not require a password. (Alternatively, generate new keys using the Create New Keys section.). The Remote Command is provided to the SSH server. It specifies the application to execute upon connection. The default is a command shell.

Note: Configuring the SSH client’s known hosts is optional. It prevents Man- In-The-Middle (MITM) attacks.

Secure Sockets Layer: SSL

SSL uses cryptography to offer authentication and privacy to message transmission over the Internet. Typically, only the server is authenticated. SSL allows the communication of client/server applications without eavesdropping and message tampering. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.

SSL runs on layers between application protocols (HTTP, SMTP, etc.) and the TCP transport protocol. It is most commonly used with HTTP (thus forming HTTPS).

On the XPort AR, configure an SSL certificate for the HTTP server to listen on the HTTPS port. This certificate can be created elsewhere and uploaded to the device.

XPort AR User Guide

126

Page 125 Page 127
Page 126
Image 126
Lantronix XPort AR manual Secure Sockets Layer SSL, SSH Client Configuration, To configure SSH client settings
Page 125 Page 127
Top Page Image Contents