122
NetComm Wireless 4G M2M Router
www.netcommwireless.com
v1.0
Host key management
SSH keys provide a means of identification using public key cryptography and challenge response authentication. This means that a
secure connection can be established without transmitting a password, thereby greatly reducing the threat of someone
eavesdropping and guessing the correct credentials.
SSH Keys always come in pairs with one being a public key and the other a private key. The public key may be shared with any
server to which you want to connect. When a connection request is made, the server uses the public key to encrypt a challenge (a
coded message) to which the correct response must be given. Only the private key can decrypt this challenge and produce the
correct response. For this reason, the private key should not be shared with those who you do not wish to give authorization.
The Host key management section displays the current public keys on the router and their date and timestamp. These public keys
are provided in different formats, including DSA, RSA and ECDSA. Each format has advantages and disadvantages in terms of
signature generation speed, validation speed and encryption/decryption speed. There are also compatibility concerns to consider
with older clients when using ECDSA, for example.
Generating new keys
The complete set of keys can be re-generated by selecting the Generate keys button. This key generation process takes
approximately 30 seconds to complete.
Downloading keys
The Get keys button allows you to download the complete set of public and private keys while the Get public keys button will
download only the set of public keys.
Uploading your own key files
You can generate your own SSH keys and upload them to the router. To generate keys on a Linux-based machine, use the
following commands:
mkdir keys
cd keys
ssh-keygen -t rsa1 -f ssh_host_key -N ""
ssh-keygen -t dsa -f ssh_host_dsa_key -N ""
ssh-keygen -t rsa -f ssh_host_rsa_key -N ""
ssh-keygen -t ecdsa -f ssh_host_ecdsa_key -N ""
zip -e -P "PASSWORDHERE" -j keys.zip *
Click the Upload keys button then locate the generated keys to upload them to the router.