3.
Check the Regenerate All Keys box.
4.
Click Submit.
The KeyType/Status/Action table will temporarily disappear while the NetClock regen
erates the keys. The Host keys are generated in the background. Creating RSA and DSA
keys, each with 1024 bits length, typically takes about 30 seconds. Keys are created in
the order of RSA, DSA, ECDSA, ED25519. NetClock will generate all 4 host keys, RSA,
DSA, ECDSA, and ED25519.
5.
Delete any of the keys you do not want. See "Deleting Host Keys" on the previous page.
Note: If the unit is rebooted with host key creation in progress, or the unit
is booted and no host keys exist, the key generation process is restarted.
The key generation process uses the previously specified key sizes.
Note: If a key size is undefined, the default key bit length size used is
2048. A key with a zero length or blank key size field will not be created.
When you delete a host key and recreate a new one, SSH client sessions will warn you that the
host key has changed for this particular IP address. The user will then either have to:
1.
Override the warning and accept the new Public Host Key and start a new connection.
This is the default. This option allows users to login using either method. Whichever
mode works is allowed for logging in. If the Public Key is not correct or the Passphrase
is not valid the user is then prompted for the login account password.
2.
Remove the old Host Public Key from their client system and accept the new Host Public
Key. This option simply skips public/private key authentication and immediately prompts
the user for password over a secure encrypted session avoiding sending passwords in
the clear.
3.
Load a public key into NetClock. This public key must match the private key found in the
users account and be accessible to the SSH, SCP, or SFTP client program. The user must
then enter the Passphrase after authentication of the keys to provide the second factor for
2-factor authentication.
Please consult your specific SSH client’s software’s documentation.
Public Keys: Viewing, Editing, Loading
The authorized_keys file can be viewed and edited, so as to enable adding and delet
ing Public Keys. The user may also retrieve the authorized_keys file from the .ssh dir
ectory Using FTP, SCP, or SFTP.
If you want to completely control the public keys used for authentication, a correctly formatted
authorized_keys file formatted as indicated in the OpenSSH web site can be loaded
onto NetClock. You can transfer a new public key file using the Web UI.
2.14 Configuring Network Settings
CHAPTER 2 • NetClock User Reference Guide Rev. 16
81
To Next Page
Loading...
