PuTTY How To Guide

From Swivel Knowledgebase
Jump to: navigation, search


Introduction

There are various applications which will provide SSH and SFTP functionality. We recommend the use of PuTTY for SSH console connectivity to the Swivel appliance. If you wish to transfer files to and from the appliance, please see the WinSCP How To Guide.


Connecting to the Swivel appliance

When you run PuTTY, you are presented with the following screen, where you can manage stored sessions.


PuTTY1dialog.PNG


To connect to the Swivel appliance enter the IP address of the PINsafe appliance into the Host Name field (the default out of the box IP address is 192.168.0.35 for the standalone appliance).


PuTTY2dialog.PNG


Click the Open button at the bottom of the window, to initiate the SSH session. You may be prompted to add or update the security key.


PuTTY3dialog.PNG


You should then be presented with the following screen, where you are prompted to enter the username and password. The default username on Swivel appliances is admin (on older appliances it is root). The default password is lockbox - you are advised to change this, but make sure that you have a record of the new password - recovering access if you have forgotten the password is possible, but it is a complex process.


PuTTY4dialog.PNG


Once logged in successfully, you should be presented with the following screen, which is the CMI. The left image shows the v2 CMI and the right shows v3.


PuTTY5dialog.PNGPuTTY5dialogV3.PNG


Next Steps

See the Getting Started Basic CMI configuration guide.


Certificates

PuTTYgen

Some appliances may be configured to use certificates. The program PuTTYgen allows keys to be imported and also converted to a format used by PuTTY.

To import a certificate start PuTTYgen, and click the Load button. If the file you are loading is not a .ppk file, such as a .pem file, then select All Files from the File Type dropdown, and choose then select the relevant file.

Upon loading the file, PuTTYgen should display a message 'Successfully imported foreign key...,'. You will then need to click on 'Save private key' to save it as a PuTTY Private Key file (.ppk). You will also be prompted to 'Enter a passphrase' if required.

The PuTTY configuration allows a key to be specified under Connection/SSH/Auth of the PuTTY session you're configuring.


Known Issues

A break in Network connectivity will cause the PuTTY session to terminate.


Troubleshooting

  • Check that the IP address is the correct IP for the appliance;
  • Check that internal firewall policies allow connection to port 22.


WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

The following message may be seen when connecting between Swivel virtual or hardware appliances.

 Press Return to continue
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
 Someone could be eavesdropping on you right now (man-in-the-middle attack)!
 It is also possible that the RSA host key has just been changed.
 The fingerprint for the RSA key sent by the remote host is
 2d:40:e9:84:c3:c5:ec:cd:37:9b:21:ba:27:56:0e3:d4.
 Please contact your system administrator.
 Add correct host key in /root/.ssh/known_hosts to get rid of this message.
 Offending key in /root/.ssh/known_hosts:2
 RSA host key for 192.168.1.1 has changed and you have requested strict checking.
 Host key verification failed.

backup the file /root/.ssh/known_hosts in the appliance which is initiating the connection and remove the old key.

When a connection is made the new host is added

 [admin@gbcar-swvl2 ~]# ssh admin@192.168.1.1
 The authenticity of host '192.178.1.1 (192.168.1.1)' can't be established.
 RSA key fingerprint is 29:d2:2f:70:3a:34:d2:ed:aa:8f:fa:50:a9:65:a2:45.
 Are you sure you want to continue connecting (yes/no)? 
 Warning: Permanently added '192.168.1.1' (RSA) to the list of known hosts.
 Connection closed by 192.168.1.1