remote_ssh_support
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
remote_ssh_support [2016/04/30 11:37] – lucy | remote_ssh_support [2016/07/26 16:59] – lucy | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | **SSH in LUCY?** | + | ===== SSH in LUCY ===== |
There are two SSH features build in LUCY: | There are two SSH features build in LUCY: | ||
- | - SSH outbound: this SSH access feature is used only for remote LUCY maintenance | + | - SSH **outbound**: this SSH access feature is used only for **remote LUCY support |
- | - SSH inbound (port 22). This is enabled by default | + | - SSH **inbound** (port 22). This is enabled by default |
+ | |||
+ | |||
+ | |||
+ | ===== Configuration of SSH outbound support ===== | ||
+ | |||
+ | SSH access for our team is by default closed. Press "Open Access" | ||
+ | |||
+ | {{ 76.jpg?600 }} | ||
+ | |||
+ | If you want to enable SSH access for remote support, LUCY will connect via Port 22 to our SSH hopping station. As a result an outbound SSH connection will be established. We will need your Port number and password (on our internet facing SSH server) to be able to connect to your server. LUCY uses outgoing connection Port 22, please check that it is allowed through your firewall. | ||
+ | |||
+ | ===== SSH Inbound Access (port 22) ===== | ||
- | **Shell Access (root) inbound (port 22)** | ||
Root access is possible (commercial clients). | Root access is possible (commercial clients). | ||
* For Version below 2.6: if you need a shell access to your workstation, | * For Version below 2.6: if you need a shell access to your workstation, | ||
Line 13: | Line 25: | ||
- reset the root password from the web gui (see screenshot below) | - reset the root password from the web gui (see screenshot below) | ||
- | {{:ssh_pwd.png? | + | {{ ssh_pwd.png? |
- | **Configuration of SSH outbound support** | ||
- | SSH access for our team is by default closed. Press "Open Access" | ||
- | {{: | + | ===== The SSH Phishing account ===== |
- | If you want to enable SSH access for remote support, LUCY will connect via Port 22 to our SSH hopping station. As a result an outbound SSH connection will be established. We will need your Port number and password (on our internet facing SSH server) to be able to connect to your server.LUCY uses outgoing connection Port 22, please check that it is allowed through your firewall. | ||
- | |||
- | |||
- | Phishing account | ||
The phishing account is a system account. Here is the [[technical_information|link]] that describes the background info (check under accounts).If you want to harden access from remote you can either restrict access in SSH or disable SSH password authentication for that user. | The phishing account is a system account. Here is the [[technical_information|link]] that describes the background info (check under accounts).If you want to harden access from remote you can either restrict access in SSH or disable SSH password authentication for that user. | ||
Line 34: | Line 40: | ||
Match user phishing | Match user phishing | ||
PasswordAuthentication no | PasswordAuthentication no | ||
+ | |||
+ | The SSH Phishing Account password can be [[recover_your_root_password|displayed within the GUI]]. | ||
+ | |||
+ | **Warning: don't change anything on the system** | ||
+ | |||
+ | Please note that any changes to the system (changing host file, modifying htaccess etc.) will most likely have an impact on the functionality of LUCY. We cannot give support to systems that have been altered. | ||
remote_ssh_support.txt · Last modified: 2019/07/25 12:49 by 127.0.0.1