2 security – Monroe Electronics R189se User Manual

Page 29

Advertising
background image

- 24 -

4.2.2 Security

The One-Net

SE

can be configured to allow unencrypted HTTP access or only SSL

encrypted HTTPS access. By placing a check mark in the box only SSL encrypted
HTTPS access will be allowed.

Setup > Network > Security




SSH Key Management Interface

WARNING: DO NOT MODIFY any SSH Keys without consulting with the factory!

Secure Shell is used for EAS NET network communication/control between a DASDEC II and other EAS NET
compatible platforms (including other DASDEC II's). SSH is a secure communications method that relies on
public/private key encryption. For a DASDEC II to communicate with another platform via SSH, the public key
from the DASDEC II's public/private key pair must be "authorized" on the remote platform.

Authorization usually is achieved by copying the public key into a file on the remote host. The DASDEC II uses
the open source package OpenSSH for SSH features. This package has a file called "authorized_keys2" under
/root/.ssh/ to hold the authorized public keys from remote platforms. Authorization allows secure access only
from the holder of the public key's corresponding private key. Even though this method of encryption and secure
access is very safe, it is still as a good idea to update the public/private keys from time to time. This can be
tedious to do manually between a set of servers that already intercommunicate. The DASDEC II SSH Key
Management interface greatly simplifies this process. It allows a group of remote hosts offering SSH connections
to have all of the encryption keys updated from the current DASDEC II location. This updates and maintains
secure SSH based network interoperability for EAS NET across each platform with a single operation.

To use this interface correctly, you must add client interface descriptors for each remote platform in the managed

group. The

button is used to create each descriptor. When a descriptor is added using this button,

there is no need to confirm the addition. The screen shot below shows a single remote client descriptor that was

added using

. Add as many as descriptors as needed. (EAS NET allows up to 8 connections.)

Advertising
This manual is related to the following products:

R189

Popular Brands
Popular manuals