Home » Lantronix Manuals » Electronics Accessories » Lantronix SLB » Manual Viewer

Lantronix SLB Lantronix SLB - User Guide - Page 193

SSH Keys, Imported Keys

Add to My Manuals
Save this manual to your list of manuals

Page 193 highlights

To delete a group: 1. Select the group in the Groups table. 2. Click the Delete Group button. 11: User Authentication SSH Keys The SLB can import and export SSH keys to facilitate shared key authentication for all incoming and outgoing SSH connections. By using a public/private key pair, a user can access multiple hosts with a single passphrase, or, if a passphrase is not used, a user can access multiple hosts without entering a password. In either case, the authentication is protected against security attacks because both the public key and the private key are required to authenticate. For both imported and exported SSH keys, the SLB supports both RSA and DSA keys, and can import and export keys in OpenSSH and SECSH formats. Imported and exported keys are saved with the SLB configuration, and the administrator has the option of retaining the SSH keys during a reset to factory defaults. The SLB can also update the SSH RSA1, RSA and DSA host keys that the SSH server uses with site-specific host keys or reset them to the default values. Imported Keys Imported SSH keys must be associated with an SLB local user. The key can be generated on host "MyHost" for user "MyUser," and when the key is imported into the SLB, it must be associated with either "MyUser" (if "MyUser" is an existing SLB local user) or an alternate SLB local user. The public key file can be imported via SCP or FTP; once imported, you can view or delete the public key. Any SSH connection into the SLB from the designated host/user combination uses the SSH key for authentication. Exported Keys The SLB can generate SSH keys for SSH connections out of the SLB for any SLB user. The SLB retains both the private and public key on the SLB, and makes the public key available for export via SCP, FTP, or copy and paste. The name of the key is used to generate the name of the public key file that is exported (for example, .pub), and the exported keys are organized by user and key name. Once a key is generated and exported, you can delete the key or view the public portion. Any SSH connection out of the SLB for the designated host/user combination uses the SSH key for authentication. To configure the SLB to use SSH keys to authenticate users: 1. From the main menu, select User Authentication - SSH Keys. The following page displays. SLB - Branch Office Manager User Guide 193

Section	Page
SLB - Branch Office Manager User Guide	1
Copyright & Trademark	2
Open Source Software	2
Contacts	2
Disclaimer & Revisions	2
Revision History	3
Table of Contents	4
List of Figures	13
List of Tables	16
1: About this Guide	17
Purpose and Audience	17
Summary of Chapters	17
Additional Documentation	18
2: Introduction	19
Features	19
Models	22
System Features	23
Application Example	24
Hardware Features	25
3: Installation	29
What's in the Box	29
Technical Specifications	30
Physical Installation	31
Typical Installations	35
4: Quick Setup	36
Recommendations	36
IP Address	36
Method #1 Using the Front Panel Display	37
Method #2 Quick Setup on the Web Page	40
Method #3 Quick Setup on the Command Line Interface	42
Next Step	45
5: Web and Command Line Interfaces	46
Web Interface	46
Command Line Interface	48
6: Basic Parameters	52
Requirements	52
IP Filter	58
IP Filter Commands	62
Routing	63
VPN	65
7: Services	68
System Logging and Other Services	68
SSH/Telnet/Logging	68
SNMP	72
NFS and SMB/CIFS	75
Secure Lantronix Network	77
Date and Time	82
Web Server	84
iGoogle Gadgets	88
8: Device Ports	90
Connection Methods	90
Permissions	90
Device Status	91
Global Port Settings	91
Device Ports - Settings	94
Interacting with a Device Port	106
Device Ports - Logging	107
Console Port	112
Power Outlets	114
Host Lists	117
Scripts	121
Sites	134
Modem Dialing States	137
9: USB Port	141
Set Up of USB Storage	141
Manage Firmware and Configuration Files	148
USB Commands	148
10: Connections	150
Typical Setup Scenarios for the SLB	150
11: User Authentication	157
Local and Remote User Settings	160
NIS	168
LDAP	171
RADIUS	176
Kerberos	182
TACACS+	186
Groups	190
SSH Keys	193
Custom Menus	199
12: Maintenance	206
SLB Maintenance	206
Audit Log	219
Email Log	220
Diagnostics	221
Status/Reports	225
Emailing Logs and Reports	227
Events	230
LCD/Keypad	232
Banners	234
13: Application Examples	236
Dial-in (Text Mode) to a Remote Device	238
Local Serial Connection to Network Device via Telnet	239
14: Command Reference	241
Introduction to Commands	241
Administrative Commands	243
Audit Log Commands	251
Authentication Commands	251
Kerberos Commands	252
LDAP Commands	253
Local Users Commands	254
NIS Commands	257
RADIUS Commands	258
TACACS+ Commands	259
User Permissions Commands	260
CLI Commands	262
Connection Commands	264
Custom User Menu Commands	267
Date and Time Commands	269
Device Commands	270
Device Port Commands	271
Diagnostic Commands	274
End Device Commands	276
Events Commands	277
Group Commands	278
Host List Commands	279
IP Filter Commands	280
Logging Commands	281
Network Commands	282
NFS and SMB/CIFS Commands	285
Power Commands	286
Routing Commands	287
Services Commands	288
SLB Network Commands	289
SSH Key Commands	290
Status Commands	292
System Log Commands	294
USB Storage Commands	294
USB Modem Commands	295
Appendix A: Bootloader	297
Accessing the Bootloader	297
Bootload Commands	297
Appendix B: Security Considerations	298
Security Practice	298
Factors Affecting Security	298
Appendix C: Safety Information	299
Safety Precautions	299
Appendix D: Adapters and Pinouts	301
Appendix E: Protocol Glossary	304

Match case Limit results 1 per page

11: User Authentication

SLB - Branch Office Manager User Guide

193

To delete a group:

Select the group in the

Groups

table.

Click the

Delete Group

button.

SSH Keys

The SLB can import and export SSH keys to facilitate shared key authentication for all incoming

and outgoing SSH connections. By using a public/private key pair, a user can access multiple

hosts with a single passphrase, or, if a passphrase is not used, a user can access multiple hosts

without entering a password. In either case, the authentication is protected against security attacks

because both the public key and the private key are required to authenticate. For both imported

and exported SSH keys, the SLB supports both RSA and DSA keys, and can import and export

keys in OpenSSH and SECSH formats. Imported and exported keys are saved with the SLB

configuration, and the administrator has the option of retaining the SSH keys during a reset to

factory defaults.

The SLB can also update the SSH RSA1, RSA and DSA host keys that the SSH server uses with

site-specific host keys or reset them to the default values.

Imported Keys

Imported SSH keys must be associated with an SLB local user. The key can be generated on host

"MyHost" for user "MyUser," and when the key is imported into the SLB, it must be associated with

either "MyUser" (if "MyUser" is an existing SLB local user) or an alternate SLB local user. The

public key file can be imported via SCP or FTP; once imported, you can view or delete the public

key. Any SSH connection into the SLB from the designated host/user combination uses the SSH

key for authentication.

Exported Keys

The SLB can generate SSH keys for SSH connections out of the SLB for any SLB user. The SLB

retains both the private and public key on the SLB, and makes the public key available for export

via SCP, FTP, or copy and paste. The name of the key is used to generate the name of the public

key file that is exported (for example, <keyname>.pub), and the exported keys are organized by

user and key name. Once a key is generated and exported, you can delete the key or view the

public portion. Any SSH connection out of the SLB for the designated host/user combination uses

the SSH key for authentication.

To configure the SLB to use SSH keys to authenticate users:

From the main menu, select

User Authentication - SSH Keys

. The following page displays.