Ssh/Sftp Authentication; Update Default Ssh/Sftp Keys - ABB XIO-08 User Manual

Extendable io

Hide thumbs Also See for XIO-08:

User manual (207 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

Table of Contents

Table 8-8: Security keys

Account

Access

privileges

Name

Totalflow-use Only SFTP

access

(Read-only)

8.7.2

SSH/SFTP authentication

Session keys encrypt the communication between the client and the SSH/SFTP server to provide security.

Authentication requires specific private-public key pairs for the type of access. ABB provides default

private keys and passphrases to customers upon request. ABB stores the default public keys at the factory

in a protected storage location on the device's flash. They remain unchanged by updates.

To request a connection to the SSH/SFTP service, provide the private key and passphrase. The service

compares the private key with the public key stored in the Totalflow device. If the keys pair correctly, the

connection is successful.

IMPORTANT NOTE: Private keys do not ship with the product or user interface software. ABB

keeps the keys and credentials safely stored. Request keys for SSH/SFTP access. Enable the service

only if necessary.

8.7.3

Update default SSH/SFTP keys

ABB Totalflow generates default keys, but customers must generate their own private keys for security

reasons. To update the private key, first update the corresponding public key stored on the XIO device.

This procedure describes how to regenerate a private key and update the corresponding public key on the

device.

IMPORTANT NOTE: Only permit an authorized expert user to perform this procedure. This

procedure requires developer or tech-support access. Failure to follow the procedure in its entirety

locks access to the SSH/SFTP service. To obtain default keys for this type of access, call ABB

Customer Support (see the

Update requirements

The key update requires third-party software.

Obtain the following before update:

 Third-party software, such as PuTTYgen, to generate new keys. Download PuTTYgen as part of a

putty package or as a standalone utility.

 Third-party SFTP client software to establish SFTP connections with the device (FileZilla).

 Latest PCCU from ABB. Download PCCU from www.abb.com/upstream.

 The private keys for developer or tech support accounts, and their respective passphrases for

SFTP. To change the keys for the first time, request the default keys from ABB. Otherwise, use

previously-updated keys.

IMPORTANT NOTE: There are other options for the third-party software. PuTTYgen and FileZilla

are examples. The update procedure is similar with other software.

Generate private-public key pair

This procedure generates and saves a new private-public key pair. The private key, passphrase and public

key are stored safely on the user's laptop or PC. The public key must also be saved in the XIO device. The

134 | XIO USER MANUAL | 2106424MNAA

Default

Access

keys

Totalflow-user

The following folders and contents are available for download:

private key

 Crash Dumps

 Flash: Main Totalflow application (App), Factory

 Logs: System and device loader log files

 tfData: Running (warm) configuration files

section).

configuration, Startup (cold) configuration

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Ssh/Sftp Authentication; Update Default Ssh/Sftp Keys - ABB XIO-08 User Manual

SSH/SFTP authentication

Update default SSH/SFTP keys

Hide quick links:

Related Manuals for ABB XIO-08

Related Content for ABB XIO-08

Table of Contents