Cli Security; Password; Ssh Secure Shell Login - Meinberg LANTIME/GPS Operating Instructions Manual

CLI Security

Password

On the "Security" page you can manage all security relevant parameters for your
timeserver. In the first section "Login" the administration password can be changed,
which is used for SSH, TELNET, FTP, HTTP and HTTPS access. The password is
stored encrypted on the internal flash disk and can only be reset to the default value
"timeserver" by a "factory reset", changing all settings back to the factory defaults.
Please refer to the LCD configuration section in this manual.

SSH Secure Shell Login

The SSH provides you with a secure shell access to your timeserver. The connection
is encrypted, so no readable passwords are transmitted over your network. The actual
LANTIME version supports SSH1 and SSH2 over IPv4 and IPv6. In order to use this
feature, you have to enable the SSHD subsystem and a security key has to be
generated on the timeserver by using the "Generate SSH key" button. Afterwards, a
SSH client can connect to the timeserver and opens a secure shell:
ssh root @ 192.168.16.111
The first time you connect to a SSH server with an unknown certificate, you have to
accept the certificate, afterwards you are prompted for your password (which is
configured in the first section of this page).
If you generate a new SSH key, you can copy and paste it into your SSH client
configuration afterwards in order to allow you to login without being prompted for a
password. We strongly recommend to use SSH for shell access, TELNET is a very
insecure protocol (transmitting passwords in plain text over your network).
82