Services
Use SSH with key authentication
Rather than using passwords, you can use SSH keys to authenticate users connecting via SSH, SFTP,
or SCP. SSH keys provide security and scalability:
Security: Using SSH keys for authentication is more secure than using passwords. Unlike a
n
password that can be guessed by an unauthorized user, SSH key pairs provide more
sophisticated security. A public key configured on the Connect IT device is paired with a private
key on the user's PC. The private key, once generated, remains on the user's PC.
Scalability: SSH keys can be used on more than one Connect IT device.
n
Generating SSH key pairs
On a Microsoft Windows PC, you can generate SSH key pairs using a terminal emulator application,
such as PuTTY or Tera Term.
On a Linux host, an SSH key pair is usually created automatically in the user's .ssh directory. The
private and public keys are named id_rsa and id_rsa.pub. If you need to generate an SSH key pair,
you can use the ssh-keygen application.
For example, the following entry generates an RSA key pair in the user's .ssh directory:
ssh-keygen -t rsa -f ~/.ssh/id_rsa
The private key file is named id_rsa and the public key file is named id_rsa.pub. (The .pub extension
is automatically appended to the name specified for the private key output file.)
Required configuration items
Name for the user
n
SSH public key for the user
n
Additional configuration items
If you want to access the Connect IT device using SSH over a WAN interface, configure the
n
access control list for the SSH service to allow SSH access for the External firewall zone.
É
WebUI
1. Log into the Connect IT Mini WebUI as a user with full Admin access rights.
2. On the menu, click System. Under Configuration, click Device Configuration.
The Configuration window is displayed.
3. Click Authentication > Users.
4. Select an existing user or create a new user. See
creating a new user.
Digi Connect IT® Mini User Guide
Use SSH with key authentication
User authentication
for information about
292