Changes for page Remote Access Gateway
Last modified by Kilight Cao on 2022/07/25 10:47
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -65,7 +65,7 @@ 65 65 Advance administrator can config a SSH server to provide support their end user themselves. Instruction is as below: 66 66 67 67 1. Prepare a Linux server with public IP. The gateways need to be able to create SSH connection to this server. We recommend to use a server that performs no other function than to support the RSSH access, and to have no additional accounts active, and no access from the Internet that uses ID/password authentication. 68 -1. In the gateway settings, The (% class="mark" %)**Login ID**(%%)will be the SSH user for this server and the(% class="mark" %)**Host Address**(%%)is the server address.68 +1. In the gateway settings, The Login ID will be the SSH user for this server and the Host Address is the server address. 69 69 1. Ask your end user to send you the key generate in the gateway and put them in /home/<Login ID>/.ssh/authorized_key file. 70 70 1. Give a free port to the user and ask them to configure RSSH page in the gateway. 71 71 1. In your server or other machine, you will able to access to the end user device by below command: ... ... @@ -73,22 +73,19 @@ 73 73 {{{ $ ssh -p <End User Host Port> root@<Host Address> 74 74 }}} 75 75 76 - (% class="mark" %)**Remote RSSH Access allow the gateway to connect to SSH server as well. This will create risk to the RSSH server. Please make sure the account use for Gateway Access has the lowest access right.**76 +Remote RSSH Access allow the gateway to connect to SSH server as well. This will create risk to the RSSH server. Please make sure the account use for Gateway Access has the lowest access right. 77 77 78 - 79 79 ==== 2.1.2.1 Note for set up RSSH server ==== 80 80 81 81 * If gateway reboot or the connection is incidentely close by end node. The port in SSH server will still be occupy for a long time. Administrator can use below commands to release the port. 82 82 83 -(% class="box" %) 84 -((( 85 -[root@iZt4n22vqvm7ajogrfiif6Z ~~]# lsof -i :9102 ~-~-> check the port 9102 process status (change 9102 to the actually port for your gateway. 86 -COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME 87 -sshd 21430 sshuser 15u IPv4 47567059 0t0 TCP localhost:bacula-fd (LISTEN) 88 -[root@iZt4n22vqvm7ajogrfiif6Z ~~]# kill 21430 ~-~-> Kill PID of this process. 89 -[root@iZt4n22vqvm7ajogrfiif6Z ~~]# lsof -i :9102 90 -[root@iZt4n22vqvm7ajogrfiif6Z ~~]# 91 -))) 82 +{{{[root@iZt4n22vqvm7ajogrfiif6Z ~]# lsof -i :9102 --> check the port 9102 process status (change 9102 to the actually port for your gateway. 83 +COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME 84 +sshd 21430 sshuser 15u IPv4 47567059 0t0 TCP localhost:bacula-fd (LISTEN) 85 +[root@iZt4n22vqvm7ajogrfiif6Z ~]# kill 21430 --> Kill PID of this process. 86 +[root@iZt4n22vqvm7ajogrfiif6Z ~]# lsof -i :9102 87 +[root@iZt4n22vqvm7ajogrfiif6Z ~]# 88 +}}} 92 92 93 93 == 2.2 For Firmware Version higher than lgw~-~-build-v5.4.1618196981-20210412-1111 == 94 94