User Tools

Site Tools


userguide:shell:shellconfig

Shell

Server Administration > Network Services > Shell

The Shell menu allows you to configure services, such as telnet and ssh, that users with shell access can use to connect to this server appliance. As BlueOnyx includes support for both password and key authentication, options for setting up both types of authentication are included in the Basic Settings and SSH Key /Cert Management configuration tabs.


Basic Settings

Enable Telnet Server

Enabling telnet allows users with shell access to connect to this server using telnet client software.

Enable SSH Server

Enabling ssh allows users with shell access to connect to this server using ssh client software. Use of ssh is generally considered more secure than use of telnet since ssh encrypts all data including passwords that are sent between the client and the server.

SSH Port

By default SSH runs on port 22/TCP. However, you can configure it to run on another port instead in order to attempt to evade automated brute force login attacks.

SSH Protocol

SSH supports two protocols: Protocol version 1 and version 2. Two is more advanced and secure. If possible, you should use only protocol 2. But you can also set it to '2,1', in which case applications that support protocol 2 will use it, while older applications that only support protocol 1 can fall back to that instead.

SSH Root Login

By default and for security reasons direct SSH login as user 'root'; is typically not allowed. If needed, you can allow it here.

Password Authentication

Specifies whether password authentication to SSH is allowed. The default is 'yes'. If you have set up SSH keys or certificates, you can turn off password authentication for added security. Only allowing key/cert based SSH logins is the more secure fashion.

RSA Authentication

Specifies whether pure RSA authentication is allowed. The default is 'no', as we usually allow only SSH protocol version 2 and this option applies only to protocol version 1 only.

Public Key Authentication

Specifies whether public key authentication is allowed. The default is 'yes'. Note that this option applies to protocol version 2 only.


SSH Key /Cert Management

SSH Key Length

Specifies the number of bits in the key for newly created keys or certificates. The default is 2048 bits. Generally, 2048 bits is considered sufficient, but you can create keys with more bits. Please note that longer keys create longer to create. Longer keys also have a negative impact on SSH performance.

SSH Keys

Shows if SSH public and private keys are present. If not, you can tick the checkbox and have them created.

PEM Certificates

Shows if SSH public and private PEM certificates are present. If not, you can tick the checkbox and have them created.

Upload Public Key

This allows you to upload a public key. It will be added to authorized_keys automatically.

userguide/shell/shellconfig.txt · Last modified: 2014/07/22 03:00 by