Configuring SSH Authentication

Password Authentication

Public Key Authentication

CenterClick NTP200 and NTP250 Documentation - SSH Authentication

Main

Docs
o Features
o Hardware
o Software
o Getting Started
o Release Notes
o Front Panel Button
o Front Panel LEDs
o USB Console
o Admin CLI
o Using HTTPS
o SSH Authentication
o Client List
o Antenna Issues
o Graphs
o PPS Output
o Reimage

Live Demo

Contact Us
Feedback and Bug Reports
Follow us on LinkedIn

Privacy Policy
Shipping and Tax
Returns and Warranty

By default SSH is disabled. SSH can be enabled on the USB admin console.

When enabling SSH for the first time, you will be asked to configure an account password for the 'admin' user, this is the default authentication method.

NTP250> conf services
Configuring Services...

Service Commands:
  exit                                  Exit Service Menu
  no http                               Disable HTTP interface
  https                                 Enable HTTPS interface
  location privacy                      Enable Location Privacy on HTTP
  ssh                                   Enable SSH

NTP250[srv]> ssh
Enabling user admin... 
New password: 
Retype new password: 
Enabling SSH...

Service Commands:
  exit                                  Exit Service Menu
  no http                               Disable HTTP interface
  https                                 Enable HTTPS interface
  location privacy                      Enable Location Privacy on HTTP
  ssh password                          Update SSH password
  ssh authkeys                          Add SSH authorized keys
  no ssh                                Disable SSH

NTP250[srv]>

CenterClick NTP200 and NTP250 Documentation - SSH Authentication

Main

Docs
o Features
o Hardware
o Software
o Getting Started
o Release Notes
o Front Panel Button
o Front Panel LEDs
o USB Console
o Admin CLI
o Using HTTPS
o SSH Authentication
o Client List
o Antenna Issues
o Graphs
o PPS Output
o Reimage

Live Demo

Contact Us
Feedback and Bug Reports
Follow us on LinkedIn

Privacy Policy
Shipping and Tax
Returns and Warranty

Configuring SSH Authentication

By default SSH is disabled. SSH can be enabled on the USB admin console.

Password Authentication

When enabling SSH for the first time, you will be asked to configure an account password for the 'admin' user, this is the default authentication method.

NTP250> conf services Configuring Services... Service Commands: exit Exit Service Menu no http Disable HTTP interface https Enable HTTPS interface location privacy Enable Location Privacy on HTTP ssh Enable SSH NTP250[srv]> ssh Enabling user admin... New password: Retype new password: Enabling SSH... Service Commands: exit Exit Service Menu no http Disable HTTP interface https Enable HTTPS interface location privacy Enable Location Privacy on HTTP ssh password Update SSH password ssh authkeys Add SSH authorized keys no ssh Disable SSH NTP250[srv]>

Public Key Authentication

After SSH is enabled, you can add public key authentication. Once public key authentication is set up you can either remove the account password or leave it as an alternative authentication.

Enabling or updating public key authentication is a 3-step process.

Create an 'authorized_keys' file containing 1 or more public key lines. This file is the same format as you'd find on any Linux system in the '${HOME}/.ssh/authorized_keys' file.
Upload this file to the device using scp
Apply the 'authorized_keys' file

NTP250> conf services Configuring Services... Service Commands: exit Exit Service Menu no http Disable HTTP interface https Enable HTTPS interface location privacy Enable Location Privacy on HTTP ssh password Update SSH password ssh authkeys Add SSH authorized keys no ssh Disable SSH NTP250[srv]> ssh authkeys ERROR: No new authorized_keys file found, you must scp it first

Create and upload the file using SCP in advance:

$ scp authorized_keys admin@ntp1.example.com:authorized_keys admin@ntp1.example.com's password: authorized_keys 100% 738 128.1KB/s 00:00 $

NOTE: only specific SCP destinations are allowed, you must copy the file individually and to the exact destination above. Once uploaded it will be detected:

NTP250> conf services Configuring Services... Service Commands: exit Exit Service Menu no http Disable HTTP interface https Enable HTTPS interface location privacy Enable Location Privacy on HTTP ssh password Update SSH password ssh authkeys Add SSH authorized keys no ssh Disable SSH NTP250[srv]> ssh authkeys Installing SSH authorized keys file... Service Commands: exit Exit Service Menu no http Disable HTTP interface https Enable HTTPS interface location privacy Enable Location Privacy on HTTP ssh password Update SSH password no ssh password Disable SSH password based auth ssh authkeys Update SSH authorized keys no ssh authkeys Disable SSH authorized keys auth no ssh Disable SSH NTP250[srv]>

Note that once public key authentication is enabled, you can now disable password authentication if desired.

To update the authorized_keys file, simply scp it again and run 'ssh authkeys' again.

© 2023 CenterClick LLC

After SSH is enabled, you can add public key authentication. Once public key authentication is set up you can either remove the account password or leave it as an alternative authentication.

Enabling or updating public key authentication is a 3-step process.

Create an 'authorized_keys' file containing 1 or more public key lines. This file is the same format as you'd find on any Linux system in the '${HOME}/.ssh/authorized_keys' file.
Upload this file to the device using scp
Apply the 'authorized_keys' file

NTP250> conf services
Configuring Services...

Service Commands:
  exit                                  Exit Service Menu
  no http                               Disable HTTP interface
  https                                 Enable HTTPS interface
  location privacy                      Enable Location Privacy on HTTP
  ssh password                          Update SSH password
  ssh authkeys                          Add SSH authorized keys
  no ssh                                Disable SSH

NTP250[srv]> ssh authkeys
ERROR: No new authorized_keys file found, you must scp it first

Create and upload the file using SCP in advance:

$ scp authorized_keys admin@ntp1.example.com:authorized_keys
admin@ntp1.example.com's password: 
authorized_keys                               100%  738   128.1KB/s   00:00    
$

NOTE: only specific SCP destinations are allowed, you must copy the file individually and to the exact destination above. Once uploaded it will be detected:

NTP250> conf services
Configuring Services...

Service Commands:
  exit                                  Exit Service Menu
  no http                               Disable HTTP interface
  https                                 Enable HTTPS interface
  location privacy                      Enable Location Privacy on HTTP
  ssh password                          Update SSH password
  ssh authkeys                          Add SSH authorized keys
  no ssh                                Disable SSH

NTP250[srv]> ssh authkeys
Installing SSH authorized keys file... 

Service Commands:
  exit                                  Exit Service Menu
  no http                               Disable HTTP interface
  https                                 Enable HTTPS interface
  location privacy                      Enable Location Privacy on HTTP
  ssh password                          Update SSH password
  no ssh password                       Disable SSH password based auth
  ssh authkeys                          Update SSH authorized keys
  no ssh authkeys                       Disable SSH authorized keys auth
  no ssh                                Disable SSH

NTP250[srv]>

Note that once public key authentication is enabled, you can now disable password authentication if desired.

To update the authorized_keys file, simply scp it again and run 'ssh authkeys' again.