Appendix A: Secure Remote Copy
39
N6123 NVR User Manual
Appendix A: Secure Remote Copy
The N6123 NVR supports remote copy to an OpenSSH Server via its public key. It can copy individual movie files to a configured
path via the web interface or it can copy all movie files at once through the N-Command (N8000 Series) scripting engine. When
copied over, the files are renamed based on their description (with invalid filename characters removed) and an optional prefix. Any
number of NVRs can remote copy their files to a single server and have their own paths and prefixes. The NVR can remote copy
while converting, recording, and playing.
Needed Equipment
N6123 NVR
Separate computer with OpenSSH Server with space to hold MPEG movies
NOTE:
Only Linux servers are officially supported for secure remote copy.
Conductor N8000 series controller (if you wish to copy all movie files at once command)
Setup
The N6123 NVR needs direct socket access to the OpenSSH Server so it can establish a secure connection. The NVR will make its
public key available and attempt to do a password-less SSH login. All the NVR configurations are made through the NVR’s web
interface. See
Chapter 3: NVR Web Interface Configuration Options
on page 21 for more information.
A Linux administrator will need to configure the receiving OpenSSH server to allow password-less entry with the NVR’s public key.
This admin-level process is as follows:
From Linux (such as CentOS)
1.
Log into the command prompt as root (or a user with sudo access).
2.
Create an NVR user:
[root@localhost
admin]#
useradd
dvruser
3.
Switch to the new user:
[root@localhost
admin]#
su
dvruser
4.
Switch to home directory:
[dvruser@localhost
admin]$
cd
~
5.
Create new SSH keys. Press enter to accept all defaults.
[dvruser@localhost
~]$
ssh
‐
keygen
6.
Create a “mov” directory to hold the movies:
[dvruser@localhost
~]$
mkdir
mov
7.
Navigate to the ~/.ssh directory:
[dvruser@localhost
~]$
cd
~/.ssh
8.
Create an
authorized_keys
file. chmod it to 600:
[dvruser@localhost
~]$
touch
authorized_keys;
chmod
600
authorized_keys
The NVR’s public key now needs to be pasted in to the new
authorized_keys
file.
From the NVR’s web interface:
1.
Log in with an admin account.
2.
Navigate to the
Remote
Copy
page.
3.
Click the
Generate New Keys
button. This will remove all previous keys and create new ones.
4.
Copy the new public key to the
authorized_keys
file made earlier on the OpenSSH server. For multiple NVRs, each public key
from each NVR gets its own line in that same file.
5.
On the NVR web page, Fill out the form accordingly:
Enable Secure Copy
: Check to enable secure copy.
SCP username
: The user account created earlier. If you followed the example, it is
dvruser
.
SCP IP
: The IP address of the OpenSSH server.
SCP Port
: The SSH port. The default port is 22.
SCP Save Path
: The path to which the NVR should save the movie files. This path must be a directory that already exists, and
the path must include the forward slash. The default is
/home/dvruser/mov/
.
SCP Filename Prefix
: You may prepend a string to the front of the file (such as the name of the NVR). All files copied over will
be prefixed with this string. File names for the MPEG files are
MPEG description
with invalid characters removed and
spaces converted to underscores.
6.
Click
Save Remote Copy Settings
.
7.
Go to the
Recording/MPEG
page and click the
MPEG
tab.
8.
Choose an already converted MPEG from the list and then click the
Remote
link to execute a remote copy on that file.
