SSH Settings

The SSH Settings allow you to configure SSH access to your LANCOM R&S®Unified Firewall from the Internet.

Navigate to Firewall > Firewall Access > SSH Settings to open an editor panel to display and edit the SSH settings.

The SSH Settings panel allows you to configure the following elements:

Input field Description
I/0 A slider switch indicates whether the SSH service is active (I) or inactive (0). By clicking the slider switch, you can toggle the state of the service. The SSH service is activated by default.
Port Set the listening port by entering the port number. The default setting is port 22.
Password Authentication Password authentication allows you to login to your LANCOM R&S®Unified Firewall via SSH using a password. Password authentication is activated by default.
Important: Password authentication can only be deactivated if at least one SSH public key is actively used for key authentication.
SSH Public Keys This table displays the SSH public keys that are used to authenticate a user without a password. Click Add to open the SSH Key panel and add a new key. On this panel, you can define the following settings:
  • In the Key field, enter or paste the SSH public key.
  • In the Title field, enter a name for the SSH public key.
Important: Your LANCOM R&S®Unified Firewall only support keys in Secure Shell (SSH) Public Key File Format.
If you modify these settings, click Save to save your changes or Reset to discard them. Otherwise, click Close to close the editor panel. The SSH public key appears as a list entry (Fingerprint). You can edit or delete single entries in the list by clicking the corresponding button next to an entry. For more information, see Icons and buttons.
Note: You can use these authentication methods (Password Authentication, SSH Public Keys) alone or in combination.
Access Restrictions This table displays user-defined IP addresses or IP networks that can be allowed access to the LANCOM R&S®Unified Firewall (whitelist mode). Select the check box next to an entry to allow access. To add an IP address or network to the list, enter a Title and Source and click Add. The new entry is added to the list and is activated automatically. The following entries are predefined and cannot be removed:
  • Local Networks represents the internal access and is activated by default.
  • Internet provides SSH access to the LANCOM R&S®Unified Firewall from the Internet.
    Important: In certain circumstances, this may grant attackers access to your LANCOM R&S®Unified Firewall. Therefore, we do not recommend using this option as a permanent solution.
  • VPN Tunnels
The following default entries include network sections for the customer support. These entries are deactivated by default.
  • Rohde & Schwarz Internet Gateway
  • Rohde & Schwarz Cybersecurity Customer Support

If you modify the settings, click Save to store your changes or Reset to discard them. Otherwise, click Close to shut the editor panel.

Click Activate in the toolbar at the top of the desktop to apply your configuration changes.

www.lancom-systems.com

LANCOM Systems GmbH | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E-Mail info@lancom.de

LANCOM Logo