IPC@CHIP® RTOS-LNX – API Documentation

Header image

Main page


CHIP.INI [SSH]


[SSH]
ENABLE=0/1

Enable/disable the SSH server. Defines whether the SSH server is used or not. If 1 the SSH server is started. If you do not provide your own key filename, a default RSA key will be used. You can provide a RSA Key filename, and/or DSA Key filename.

To enable STDIO on SSH sessions, you have to set STDIN and STDOUT to SSH.
Default:
If safe mode is off, the SSH server is enabled per default. If safe mode is on, the SSH server is disabled per default.
Example:
[SSH]
ENABLE=1
Since
V1.05


[SSH]
SSHPORT=port

Sets the port number of the SSH server.
Default:
Default SSH port: 22
Example:
[SSH]
SSH_PORT=8300
Since
V1.05


[SSH]
PRIO=prio

Defines the task priority of the SSH server tasks during the session. Allowed value are 2-127.
Default:
Default is 37.
Example:
[SSH]
PRIO=11
Since
V1.05


[SSH]
PRIO_KEX=prio

Defines the task priority of the SSH server tasks during the key exchange. The key exchange will occupy 100% of the CPU performance for a long time period. Thus the task will have a different task priority during the key exchange. Allowed value are 2-127.
Default:
Default is 50.
Example:
[SSH]
PRIO_KEX=60
Since
V1.05


[SSH]
RSA_KEYFILE=prio

Defines the name of SSH server's private key file, used to authenticate the server to the client. The file must be in the 'dropbear' format.
Default:
Use an internal RSA key.
Example:
[SSH]
RSA_KEYFILE=rsa_key
Since
V1.05


[SSH]
DSA_KEYFILE=prio

Defines the name of SSH server's private key file, used to authenticate the server to the client. The file must be in the 'dropbear' format.
Default:
No DSA key.
Example:
[SSH]
DSA_KEYFILE=rsa_key
Since
V1.05


[SSH]
ECDSA_KEYFILE=prio

Defines the name of SSH server's private key file, used to authenticate the server to the client. The file must be in the 'dropbear' format.
Default:
No ECDSA key.
Example:
[SSH]
ECDSA_KEYFILE=rsa_key
Since
V1.05


[SSH]
USERx=user name

Defines a user name for SSH. You can define a USER0 and a USER1. User name and password are case sensitive. Maximum user name size: 19 characters.
Default:
The default user name and password is ssh.
Example:
[SSH]
USER0=otto
Since
V1.05


[SSH]
PASSWORDx=password

Define the password for a SSH user. You can define a PASSWORD0 for USER0 and a PASSWORD1 for USER1. User name and password are case sensitive. Maximum password size: 19 characters.

If no password is specified for a user, public key authentication will be the only allowed user authentication method. In this case the section USERx_KEYFILE must be provided.
Default:
The default user name and password is ssh.
Example:
[SSH]
USER0=otto
PASSWORD0=ottopass
Since
V1.05


[SSH]
PASSHASHx=password hash

Defines the password hash for a SSH user. This alternate method does not require a clear text password in the CHIP.INI. If this entry is present the PASSWORDx entry is ignored.
You can define a PASSHASH0 for USER0 and a PASSHASH1 for USER1. Use the passhash command to generate a password hash.
Example:
[SSH]
USER0=user0
PASSHASH0=$5$4lkah074$7qBJC0U5fQR2wJvonp9OE51VIw1iftyi6qF2.j5FbgB
USER1=user1
PASSHASH1=$5$UtGcvfoO$EP2Vpdt5SXmYds13Gq8QpmK1QBlLHm1.sDLWbvHSXG1
Since
V1.19


[SSH]
USERx_KEYFILE=filename

Defines a filename for SSH USER0 or USER1, that contains one or multiple public keys for user authentication. This is an alternate method for user authentication, beside the password method. It is more secure than the password method.

If the SSH server should allow password and public key authentication, both entries (PASSWORDx and USERx_KEYFILE) must be provided.

The file must be in 'OpenSSH authorized_keys' format. Every key must be listed in one line. Within one key no line breaks are allowed.
Default:
No user key file.
Example:
[SSH]
USER0=myself
USER0_KEYFILE=user0_keys
Since
V1.05


[SSH]
LOCAL_FORWARD=0/1

Enables/Disables the SSH Local TCP Port Forwarding.
Default:
By default the Local Forwarding option is disabled.
Example:
[SSH]
LOCAL_FORWARD=1
Since
V1.05


[SSH]
REMOTE_FORWARD=0/1

Enables/Disables the SSH Remote TCP Port Forwarding.
Default:
By default the Remote Forwarding option is disabled.
Example:
[SSH]
REMOTE_FORWARD=1
Since
V1.05


[SSH]
FORWARD_ALL=0/1

Allows/Disallows TCP connections to remote forwarded ports from any host.
Default:
By default only connections from the Local Loopback device are allowed (forwarded over SSH).
Example:
[SSH]
FORWARD_ALL=1
Since
V1.05





Top of page | Main page

Copyright © 2018 Beck IPC GmbH
Generated on Fri Feb 9 2018 17:44:49 by Doxygen 1.8.13