Chapter 6: Secure SSH Tunneling & SDT Connector
Console Server & RIM Gateway User Manual
6.7 SDT Connector Public Key Authentication
SDT Connector can authenticate against an SSH gateway using your SSH key pair rather than requiring you to enter
your password. This is known as public key authentication.
To use public key authentication with SDT Connector, first you must add the public part of your SSH key pair to your SSH
gateway:
- Ensure the SSH gateway allows public key authentication; this is typically the default behavior
- If you do not already have a public/private key pair for your client PC (the one running SDT Connector), generate them now using ssh-keygen, PuTTYgen or a similar tool. You may use RSA or DSA, however it is important that you leave the passphrase field blank:
  - PuTTYgen: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
  - OpenSSH: http://www.openssh.org/
  - OpenSSH (Windows): http://sshwindows.sourceforge.net/download/
- Upload the public part of your SSH key pair (this file is typically named id_rsa.pub or id_dsa.pub) to the SSH gateway, or otherwise add it to .ssh/authorized_keys in your home directory on the SSH gateway
Next, add the private part of your SSH key pair (this file is typically named id_rsa or id_dsa) to SDT Connector.
Click Edit: Preferences: Private Keys: Add, locate the private key file and click OK.
You do not have to add the public part of your SSH key pair; it is calculated using the private key.
SDT Connector will now use public key authentication when connecting through the SSH gateway (console server). You
may have to restart SDT Connector to shut down any existing tunnels that were established using password
authentication.
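The gateway-side step above (adding the public key to .ssh/authorized_keys), as an added example that is not from the manual or from Opengear: a POSIX shell function, under the hypothetical name install_pubkey, that refuses a private key or a mangled line and sets the directory and file modes. It assumes the gateway follows OpenSSH's authorized_keys handling; SAMPLE_PUB is a constructed, non-functional value.

```sh
#!/bin/sh
# Added example (not from the manual). SAMPLE_PUB is a constructed,
# truncated value (type and exponent only), not a usable key.
SAMPLE_PUB='ssh-rsa AAAAB3NzaC1yc2EAAAADAQAB constructed-sample'

# install_pubkey PUBFILE HOME_DIR   (hypothetical helper name)
# Returns 0 if the key is installed or already present, 2 if PUBFILE is
# not a one-line OpenSSH public key.
install_pubkey() {
    pubfile=$1
    ssh_dir=$2/.ssh
    auth=$ssh_dir/authorized_keys

    # Refuse the private half (id_rsa / id_dsa); it stays on the client PC.
    if grep -q 'PRIVATE KEY' "$pubfile"; then
        echo "refusing: $pubfile is a private key" >&2
        return 2
    fi

    # Expected form: "<type> <base64 blob> [comment]" on a single line.
    # PuTTYgen's multi-line "saved public key" format fails this check.
    ktype=; blob=
    read -r ktype blob _comment < "$pubfile" || true
    case $ktype in
        ssh-rsa|ssh-dss) ;;   # RSA and DSA, the two types the manual names
        *) echo "refusing: unexpected key type '$ktype'" >&2; return 2 ;;
    esac

    # The blob is a 4-byte length followed by the type name again; a
    # mismatch means the line was truncated or altered in transfer.
    inner=$(printf '%s' "$blob" | base64 -d 2>/dev/null | head -c 11 | tail -c 7)
    if [ "$inner" != "$ktype" ]; then
        echo "refusing: key blob does not match $ktype" >&2
        return 2
    fi

    # OpenSSH sshd (StrictModes, on by default) ignores the file when it or
    # .ssh is writable by group or others, so set the modes explicitly.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
    touch "$auth" && chmod 600 "$auth"

    # Append once; the comment field is dropped.
    grep -qF -- "$ktype $blob" "$auth" || printf '%s %s\n' "$ktype" "$blob" >> "$auth"
}
```

On the gateway this would be called as `install_pubkey id_rsa.pub "$HOME"` after copying the .pub file over.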
Also, if you have a host behind the console server that you connect to by clicking the SSH button in SDT Connector, you
may wish to configure access to it for public key authentication as well. This configuration is entirely independent of
SDT Connector and the SSH gateway. You must configure the SSH client that SDT Connector launches (e.g. PuTTY,
OpenSSH) and the host's SSH server for public key authentication. Essentially what you are using is SSH over SSH, and
the two SSH connections are entirely separate.
6.8 Setting up SDT for Remote Desktop access
Microsoft’s Remote Desktop Protocol (RDP) enables the system manager to securely access and manage remote
Windows computers – to reconfigure applications and user profiles, upgrade the server’s operating system, reboot the
machine etc. Opengear’s Secure Tunneling uses SSH tunneling, so this RDP traffic is securely transferred through an
authenticated and encrypted tunnel.
SDT with RDP also allows remote Users to connect to Windows XP, Vista, Server 2003, Server 2008 computers and to
Windows 2000 Terminal Servers, and to have access to all of the applications, files, and network resources (with full
graphical interface just as though they were in front of the computer screen at work). To set up a secure Remote Desktop
connection you must enable Remote Desktop on the target Windows computer that is to be accessed and configure the
RDP client software on the client PC.
6.8.1 Enable Remote Desktop on the target Windows computer to be accessed
To enable Remote Desktop on the Windows computer being accessed:
- Open System in the Control Panel and click the Remote tab