Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.


Purpose

This document describes how to set up remote SSH access to the text console in the HIAB.

Introduction

The HIAB solution can be set up to allow SSH connections from the client computer to facilitate the setup and configuration remotely. The HIAB is hardened by default and therefore this functionality is not enabled by default. The SSH authentication only allows keys and does not support the use of password authentication.  

Remote access to the text console can be useful if the HIAB GUI becomes unavailable, and the remote support requires to be started.

Requirements

  • Verify that the HIAB Server is pingable. If HIAB Server Pingable is set to NO, remote SSH access to the HIAB console is not possible. See the section about Configure UI Management Interface in the HIAB 64-Bit Console document on how to configure HIAB Server Pingable.
  • Verify that the client from which you would like to connect from can connect to the HIAB over TCP port 22.   
  • Enable and configure the service according to the information in this document. 
  • Access to the program puttygen and the PuTTY terminal.

Configuration

Enable Remote SSH Access

To access the HIAB using SSH, the remote SSH access need to be enabled.

To enable remote SSH access: 

  1. Navigate to Main Menu > Settings > Server
  2. Click the Remote tab to access settings for SSH. 
  3. In the Settings section, set Enable Remote SSH Access to yes in the drop-down menu. 
  4. In the Enabled On Network Interface drop-down menu, select which interface the service should be available on.  
  5. Click Save and the service will become available. 


Generating Keys

To connect to the SSH service you need to supply your public key. This is generated in the program puttygen. The required key that you need to supply to the tool is marked in the figure.

  1. Store the private key for later use, it is required when you connect to the service.
  2. Copy the public key and store it in a text file on one line. The file can later be uploaded through the upload functionality available in the GUI.

    Important Note While Storing the Key

    Do not use the file generated by the Save public key button in putty key generator. The public key need to be in openssh format.


Adding Generated Key to the GUI

To add new keys:

  1. Click New in the Allowed SSH Keys section. The Maintaining Remote SSH Key window is displayed as indicated in the figure.
  2. Enter the name of the remote host.
  3. Enter the SSH generated public key.



    The following options is presented:

    OptionDescription
    From IP addressIP address of the remote machine. (Optional)
    NameName of the remote host. 
    SSH KeyThe generated public key of the remote machine.

    Delete will remove unwanted keys.

    Upload will upload keys via text file

    1. Click the Upload button and enter the search path to the file stored previously in section Generating Keys.

Setting up PuTTY

After adding the SSH keys to the HIAB, the PuTTY console need to be set up. 

  1. Open the PuTTY and insert the IP-address or Host Name for the HIAB.

    PuTTY Configuration Session

  2. Next click Connection > Data in the Category tree section to the left.
  3. The username for the connection is hiab_console. Add the HIAB console username in Auto-login username to be established the connection.



  4. Click SSH > Auth in the Category tree section to the left, and set up PuTTY to use the private key file you stored in section Generating Keys..



  5. Click Open to start the connection.



  6. Enter the Key Passphrase you entered in the PuTTY Key Generator when you saved your private key.


Note

If you stored the private key without passphrase, this step is skipped and you will be logged on directly.


If the file has been uploaded without any errors into HIAB and you have defined the user name in PuTTY, then you are now able to connect to the HIAB appliance with the use of the private key in PuTTY.