HIAB Remote SSH Guide

Purpose

This document provides the reader an understanding of how to configure and access the HIAB console using SSH.

Introduction

The HIAB solution can be set up to allow SSH connections from the client computer to facilitate remote setup and configuration. The HIAB is hardened by default and therefore this functionality must be manually activated. The SSH authentication only supports keys and does not allow the use of password authentication.

Benefits

Remote access to the text console can be useful if the HIAB GUI becomes unavailable, and the back channel requires to be started.

Requirements

This document assumes that the reader has basic access to the HIAB Account and Graphical User Interface, PuTTY. Throughout the document we use PuTTY as the SSH client used to access the HIAB Console.

Prerequisites

Verify that the HIAB Server is pingable. If HIAB Server Pingable is set to NO, remote SSH access to the HIAB console is not possible. See the section about Configure UI Management Interface in the HIAB Console Manual 64-Bit document on how to configure HIAB Server Pingable.
Verify that the client from which you would like to connect from can connect to the HIAB over TCP port 22.

Enable and configure the service according to the information in this document.
Access to the program puttygen and the PuTTY terminal.

Enable Remote SSH Access

To access the HIAB using SSH, the remote SSH access need to be enabled.

To enable remote SSH access:

Navigate to Main Menu > Settings > Server.
Click the Remote tab to access settings for SSH.
In the Settings section, set Enable Remote SSH Access to yes in the drop-down menu.
In the Enabled On Network Interface drop-down menu select which interface the service should be available on.
Click Save and the service will become available.

Generating Keys

To connect to the SSH service you need to supply your public key. This is generated in the program puttygen. The required key that you need to supply to the tool is highlighted in Figure 2.
Store the private key for later use, it is required when you connect to the service.

While storing the key, copy the public key and store it in a text file on one line. The file can later be uploaded through the upload functionality available in the GUI. Do not use the file generated by the Save public key button in putty key generator.

Adding Generated Key to the GUI

To add new keys, click on the New button in the Allowed SSH Keys section. The Maintaining Remote SSH Key window is displayed as indicated in the figure below.

The following options are presented:

Option	Description
From IP address	IP address of the remote machine. (Optional)
Name	Name of the remote host.
SSH Key	The generated public key of the remote machine.

The Delete button removes unwanted keys.
The Upload button upload keys via text file, click the Upload button and enter the search path to the file stored previously in section Generating Keys.

Setting up PuTTY

After adding the SSH keys to the HIAB, the PuTTY console need to be set up.

Open the PuTTY and insert the IP-address or Host Name for the HIAB.
Next click Connection > Data in the Category section.
The username for the connection is hiab_console. Add the HIAB console username in Auto-login username to be established the connection.
Click SSH > Auth and set up PuTTY to use the private key file you stored in section Generating Keys.
Click Open to start the connection.
Enter the Key Passphrase you entered in the PuTTY Key Generator when you saved your private key.

If you stored the private key without passphrase, this step is skipped and you will be logged on directly.

If the file has been uploaded without any errors to the HIAB and you have defined the user name in PuTTY, then you are now able to connect to the HIAB appliance with the use of the private key in PuTTY.