Enabling Ssh - Redline RDL-3000 Series User Manual

Universal wireless transport

RDL-3000 FAMILY
The self-generated certificate does not provide a secure solution. It is strongly
recommended to load a unique user-generated DSA key file before using the SSH
feature in a production environment.
When using the self-generated key, a warning message may be displayed based on the
SSH client security settings (e.g., Warning: Potential Security Breach. The servers host
key does not match). This message does not interfere with the function and the operator
has full access to the secure Web interface.

Enabling SSH

SSH is disabled by (factory) default. Use the following steps to enable SSH.

Use Self Generated (Temporary) Key
For out-of-box operation, a temporary DSA key is self-generated on reboot.
1. Use the CLI or Web interface to enable SSH:
   Web: Configuration screen -> Ethernet: SSH Enable
   CLI: set ssh on
2. Save the configuration to activate changes.
3. Verify the radio is accessible using SSH, and then use the CLI or Web interface to
   disable HTTP and Telnet.

Use Operator Generated (Permanent) Key
The operator can create a permanent key using the self-generate feature or load an
externally generated key. Both operations disable the self-renewing key function.
5. Use one of the following methods to generate a key file:
   Option 1: Create a DSA key using the CLI 'generate' command. This function
   self-generates a key file and saves this value permanently in the user (usr) table.
   Reboot the radio to activate the key.
   Example: Generate a new DSA key file.
      generate sshkey dsa
      reboot
   Option 2: Use a commercially available tool to create the DSA key file. A TFTP
   server is required to load an externally generated key file.
   The selected tool must create a file that conforms to the following:
      Maximum key size is 2048 bits
      Key filename must be in the following format: dsa_key_<mac>.pem
6. Use a TFTP server to load the key file into the radio (option 3 only).
   a. Copy the key file to the default directory of a TFTP server.
   b. Use the CLI 'load' command to copy the key file from the TFTP server to the
      user (usr) table on the radio.
   c. Use the CLI command 'show files usr' to verify the files have been loaded.
   d. Reboot the radio to activate changes.
   Example: Use TFTP server at IP address 192.168.25.10 to load an SSH key file:
      load file 192.168.25.10 dsa_key_00-09-02-01-C1-9A.pem usr tftp
      show files usr
      dsa_key.pem size=672 md5=fa9bd7a1f465fd7e9fed30150b0608c4
7. Use the CLI or Web interface to enable SSH:
   Web: Configuration screen -> Ethernet: SSH Enable
   CLI: set ssh on
8. Save the configuration to activate changes.
9. Verify the radio is accessible using SSH, and then use the CLI or Web interface to
   disable HTTP and Telnet.

70-00158-03-00 USER MANUAL
Proprietary Redline Communications © 2015
Page 162 of 254
April 17, 2015
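
Option 2 and step 6 above, sketched as a workstation-side helper that names and creates the key file and then checks the line printed by 'show files usr' against the local copy. This is an added example, not from the Redline manual, and its function names are hypothetical. It assumes OpenSSL, md5sum, wc and awk on the workstation, that the radio accepts the PEM encoding OpenSSL writes (the page does not say), and that size= and md5= are the byte count and MD5 of the stored file.

```shell
#!/bin/sh
# Added example, not from the Redline manual. Function names are hypothetical.

# Build the required filename dsa_key_<mac>.pem; the MAC is written with
# dashes and upper-case hex, as in the manual's example.
key_filename() {
    mac=$(printf '%s' "$1" | tr 'a-f:' 'A-F-')
    printf '%s\n' "$mac" | grep -Eq '^([0-9A-F]{2}-){5}[0-9A-F]{2}$' || return 1
    printf 'dsa_key_%s.pem\n' "$mac"
}

# Create a DSA private key in PEM form (manual: maximum key size 2048 bits).
# Assumption: the radio accepts the PEM encoding this OpenSSL build writes.
generate_key() {    # usage: generate_key <mac> [bits]
    bits=${2:-2048}
    [ "$bits" -le 2048 ] || { echo "key size exceeds 2048 bits" >&2; return 1; }
    name=$(key_filename "$1") || { echo "bad MAC: $1" >&2; return 1; }
    # umask 077: the private key must not be readable by other local users.
    ( umask 077; openssl dsaparam -genkey -noout -out "$name" "$bits" ) || return 1
    printf '%s\n' "$name"
}

# Size and MD5 of a local file, in the form 'show files usr' prints them.
# Assumption: size= is the byte count and md5= the MD5 of the stored file.
local_fingerprint() {
    printf 'size=%s md5=%s\n' "$(wc -c < "$1" | tr -d ' ')" \
        "$(md5sum "$1" | cut -d' ' -f1)"
}

# Compare a local key file with one line pasted from 'show files usr'.
# The name is not compared: the listing line on the page reads dsa_key.pem,
# while the loaded file is named dsa_key_<mac>.pem.
verify_loaded() {   # usage: verify_loaded <local file> "<line from radio>"
    got=$(printf '%s\n' "$2" | tr -d '\r' | awk '{print $(NF-1), $NF}')
    [ "$(local_fingerprint "$1")" = "$got" ]
}
```

Run generate_key with the radio's MAC, copy the file to the TFTP directory, and after step 6c pass the matching listing line to verify_loaded before rebooting. TFTP carries the private key unencrypted and unauthenticated, so keep the transfer on an isolated management segment and remove the file from the TFTP directory afterwards.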
