This article shows how to configure Secure Shell (SSH) access to the device in IGEL OS.

Menu path: System > Remote Access > SSH Access



Enable

 The SSH service is enabled.

The SSH service is disabled. (Default)


If SSH access is enabled, you can configure the following:


Permit empty passwords

Logging on without a password is allowed.

 Logging on without a password is not allowed. (Default)


Permit administrator logon

Logging on as an administrator is allowed.

Logging on as an administrator is not allowed. (Default)


Port number

Port number for SSH. (Default: 22)


User Access

List of configured users.

Unlike root and user, the ruser is not intended for real SSH sessions, but only for starting X applications that are listed below under Applications Access for Remote User “ruser”.

To manage the list:

  • User name

Permitted user

  • Hostname

Name of the host from which SSH access takes place (example: xterm.igel.de)

  • Deny

Access is denied.

Access is allowed. (Default)


For ruser a password has to be assigned under Security > Password. The names root and user work also without passwords. For more information, see Password.


Permit X11 forwarding

 X11 forwarding is enabled.

 X11 forwarding is disabled. (Default)


Applications Access for Remote User “ruser”

The ruser is not intended for real SSH sessions, but only for starting X applications configured below. By default these are localshell and /config/sessions/setup0.


If you try to log on to the device as ruser via SSH, then you will never be able to connect. The connection will be closed immediately without anything happening. In this case you must add the parameter "-X" and the program to be started in the session call, like in this example: 

ssh -X ruser@192.168.10.203 localshell
TEXT


To manage the list:

  • Click   to create a new entry.
  • Click   to remove the selected entry.
  • Click   to edit the selected entry.
  • Click   to copy the selected entry.


Clicking   brings up the Add dialogue, where you can define the following settings:

  • Command line

Command that is allowed or prohibited for the remote user

  • Enable application

The application given under Command line may be executed by the remote user. (Default)

The application given under Command line may not be executed by the remote user.