Home > Tripp Lite > Switch > Tripp Lite 0 Idades Manual

Tripp Lite 0 Idades Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Tripp Lite 0 Idades Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 7 Tripp Lite manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							101
    Chapter 6: Secure SSH Tunneling & SDT Connector
    6.3 SDT Connector to Management Console 
    SDT Connector can also be configured for browser access to the gateway’s Manageme\
    nt Console – and for Telnet or SSH 
    access to the gateway command line. For these connections to the gateway itself, you must configure SDT Connector to 
    access the gateway (itself) by setting the Console Server up as a host, and then configuring the appropriate services:
    • Launch SDT Connector on your computer. Assuming you have already set up the Console Server as a Gateway in your SDT 
    Connector client (with username/ password etc), select this newly added Gateway and click the Host icon to create a host. 
    Alternatively, select File: New Host
    •  Enter 127.0.0.1 as the Host Address and give some details in Descriptive Name/Notes. Click OK
     
    •  Click the HTTP or HTTPS Services icon to access the gateway's Management Console, and/or click \
    SSH or Telnet to access 
    the gateway command line console
    Note: To enable SDT access to the gateway console, you must now configure the\
     Console Server to allow port forwarded 
    network access to itself:  
    • Browse to the Console Server and select Network Hosts from Serial & Network. Click Add Host and in the IP Address/
    DNS Name field enter 127.0.0.1 (this is the Console Server's network loopback\
     address). Then enter Loopback in 
    Description  
    • Remove all entries under Permitted Services except for those that will be used in accessing the Management Console (\
    80/
    http or 443/https) or the command line (22/ssh or 23/Telnet). Scroll to the bottom and click Apply
    • Administrators by default have gateway access privileges. However for Us\
    ers to access the gateway Management Console, 
    you will need to give those Users the required access privileges. Select\
     Users & Groups from Serial & Network. Click Add 
    User. Enter a Username, Description and Password/Confirm. Select 127.0.0.1 from Accessible Host(s) and click Apply  
    						
    							102
    6.4 SDT Connector - Telnet or SSH Serial Device Connection
    SDT Connector can also be used to access text consoles on devices that are attached t\
    o the Console Server’s serial ports. For 
    these connections, you must configure the SDT Connector client software with a Service that will access the target gateway 
    serial port, and then set the gateway up as a host: 
    • Launch SDT Connector on your computer. Select Edit: Preferences and click the Services tab. Click Add  
    • Enter “Serial Port 2” in Service Name and click Add  
    • Select Telnet client as the Client. Enter 2002 in TCP Port. Click OK, then Close and Close again
     
    Chapter 6: Secure SSH Tunneling & SDT Connector
    •  Assuming you have already set up the target Console Server as a gateway \
    in your SDT Connector client (with username/ 
    password etc), select this gateway and click the Host icon to create a host. Alternatively, select File: New Host. 
    •  Enter 127.0.0.1 as the Host Address and select Serial Port 2 for Service. In Descriptive Name, enter something along 
    the lines of Loopback ports, or Local serial ports. Click OK.
    • Click Serial Port 2 icon for Telnet access to the serial console on the device attached to serial port\
     #2 on the gateway 
    To enable SDT Connector to access to devices connected to the gateway’s serial ports, you mu\
    st also configure the Console 
    Server itself to allow port forwarded network access to itself, and enable access to the nominated serial port:  
    •  Browse to the Console Server and select Serial Port from Serial & Network
    • Click Edit to selected Port # (e.g. Port 2 if the target device is attached to the second serial port). Ensu\
    re the port’s serial 
    configuration is appropriate for the attached device
    •  Scroll down to Console Server Setting and select Console Server Mode. Check Telnet (or SSH) and scroll to the bottom 
    and click Apply
    • Select Network Hosts from Serial & Network and click Add Host
    •  In the IP Address/DNS Name field, enter 127.0.0.1 (this is the Console Server’s network loopback address) and enter 
    Loopback in Description 
    •  Remove all entries under Permitted Services and select TCP and enter 200n in Port. (This configures the Telnet port 
    enabled in the previous step, so for Port 2 you would enter 2002)
    • Click Add then scroll to the bottom and click Apply
    •  Administrators by default have gateway and serial port access privileges\
    ; however for Users to access the gateway and the 
    serial port, you will need to give those Users the required access privi\
    leges. Select Users & Groups from Serial & Network. 
    Click Add User. Enter a Username, Description and Password/Confirm. Select 127.0.0.1 from Accessible Host(s) and 
    select Port 2 from Accessible Port(s). Click Apply.  
    						
    							103
    Chapter 6: Secure SSH Tunneling & SDT Connector
    6.5 SDT Connector OoB Connection 
    SDT Connector can also be set up to connect to the Console Server via out-of-band (OoB). OoB access uses an alternate path 
    for connecting to the Console Server (i.e. not the one used for regular\
     data traffic). OoB access is useful when the primary link 
    into the gateway is unavailable or unreliable.
    Typically a Console Server's primary link is a broadband Internet connect\
    ion or Internet connection via a LAN or VPN, and the 
    secondary out-of-band connectivity is provided by a dial-up or wireless modem directly a\
    ttached to the gateway. So out-of-
    band access enables you to access the hosts and serial devices on the ne\
    twork, diagnose any connectivity issues, and restore 
    the gateway's primary link.
    In SDT Connector, OoB access is configured by providing the secondary IP address of th\
    e gateway, and telling SDT Connector 
    how to start and stop the OoB connection. Starting an OoB connection may\
     be achieved by initiating a dial-up connection, or 
    adding an alternate route to the gateway. SDT Connector allows for maximum flexibility by allowing you to provide your own 
    scripts or commands for starting and stopping the OoB connection.
     
    To configure SDT Connector for OoB access:
    •  When adding a new gateway or editing an existing gateway, select the Out Of Band tab  
    •  Enter the secondary OoB IP address for the gateway (e.g. the IP address\
     to be used when dialing in directly). You may also 
    modify the gateway's SSH port if it's not using the default of 22
    •  Enter the command or path to a script to start the OoB connection in Start Command
      o To initiate a pre-configured dial-up connection under Windows, use the following Start Command:
      cmd /c start "Starting Out of Band Connection" /wait /min rasdial networ\
    k_connection login password
       The network_connection in the above is the name of the network connection as displayed in Control Panel ->  
        Network Connections. Login is the dial-in username, and password is the dial-in password for the connection.
     o To initiate a pre-configured dial-up connection under Linux, use the fo\
    llowing Start Command:
        pon network_connection
       The network_connection in the above is the name of the connection. 
    •  Enter the command or path to a script to stop the OoB connection in Stop Command  
      o To stop a pre-configured dial-up connection under Windows, use the following Stop Command:
      cmd /c start "Stopping Out of Band Connection" /wait /min rasdial networ\
    k_connection /disconnect
      The network_connection in the above is the name of the network connection as displayed in Control Panel ->    
        Network Connections.
     o To stop a pre-configured dial-up connection under Linux, use the follow\
    ing Stop Command:
      poff network_connection  
    						
    							104
    Chapter 6: Secure SSH Tunneling & SDT Connector
    To make the OoB connection using SDT Connector:
    • Select the gateway and click Out Of Band. The status bar will change col\
    or to indicate this gateway is now being access using 
    the OoB link rather than the primary link
     
    When you connect to a service on a host behind the gateway, or to the Console Server gateway itself, SDT Connector will 
    initiate the OoB connection using the provided Start Command. The OoB co\
    nnection isn't stopped (using the provided Stop 
    Command) until Out Of Band under Gateway Actions is clicked off, at which point the status bar will return to its normal color.
    6.6  Importing (and Exporting) Preferences 
    To enable the distribution of pre-configured client config files, SDT Connector has an Export/Import facility:
     
    •  To save a configuration .xml file (for backup or for importing into \
    other SDT Connector clients), select File: Export 
    Preferences and select the location to save the configuration file
    •  To import a configuration, select File: Import Preferences and select the .xml configuration file to be installed   
    						
    							105
    Chapter 6: Secure SSH Tunneling & SDT Connector
    6.7 SDT Connector Public Key Authentication
    SDT Connector can authenticate against an SSH gateway using your SSH key pair rather than requiring your to enter your 
    password. This is known as public key authentication.
    To use public key authentication with SDT Connector, you must first add the public part of your SSH key pair to your SSH 
    gateway:
    •  Ensure the SSH gateway allows public key authentication. This is typically the defau\
    lt behavior
    •  If you do not already have a public/private key pair for your client com\
    puter (the one which the  SDT Connector is running) 
    generate them now using ssh-keygen, PuTTYgen or a similar tool. You may use RSA or DSA, however it is important that 
    you leave the passphrase field blank:
      o PuTTYgen: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
     o OpenSSH:   http://www.openssh.org/
      o OpenSSH (Windows):  http://sshwindows.sourceforge.net/download/
    •  Upload the public part of your SSH key pair (this file is typically named id_rsa.pub or id_dsa.pub) to the SSH gateway, or 
    add it to the .ssh/authorized keys in your home directory on the SSH gateway
    •  Next, add the private part of your SSH key pair (this file is typically named id_rsa or id_dsa) to SDT Connector. 
    Click Edit: Preferences: Private Keys: Add, locate the private key file and click OK
    You do not have to add the public part of your SSH key pair; it is calculated using the private key.
    SDT Connector will now use public key authentication when connecting thr\
    ough the SSH gateway (Console Server). You may 
    have to restart SDT Connector to shut down any existing tunnels that wer\
    e established using password authentication.
    If you have a host behind the Console Server that you connect to by clic\
    king the SSH button in SDT Connector, you may also 
    wish to configure access to it for public key authentication as well. \
    This configuration is entirely independent of SDT Connector 
    and the SSH gateway. You must configure the SSH client that SDT Connector launches (e.g. Putty, OpenSSH) and the host's 
    SSH server for public key authentication. Essentially, what you are using is SSH over SSH, and the two SSH connections are 
    entirely separate.  
    						
    							106
    Chapter 6: Secure SSH Tunneling & SDT Connector
    6.8 Setting up SDT for Remote Desktop Access
    Microsoft’s Remote Desktop Protocol (RDP) enables the system manage\
    r securely to access and manage remote Windows 
    computers: to reconfigure applications and user profiles, upgrade th\
    e server’s operating system, reboot the machine, etc. 
    Secure Tunneling uses SSH tunneling, so this RDP traffic is securely transferred through an a\
    uthenticated and encrypted 
    tunnel. 
    SDT with RDP also allows remote Users to connect to Windows XP, Vista, Windows 2003 computers and to Windows 2000 
    Terminal Servers, and to have access to all of the applications, files,\
     and network resources (with full graphical interface just 
    as though they were in front of the computer screen itself). To set up a secure Remote Desktop connection, you must enable 
    Remote Desktop on the target Windows computer that is to be accessed and configure the RPD client so\
    ftware on the client 
    computer.
    6.8.1   Enable Remote Desktop on the target Windows computer to be accessed
    To enable Remote Desktop on the Windows computer being accessed:
    • Open System in the Control Panel and click the Remote tab
     
    • Check Allow users to connect remotely to this computer 
    • Click Select Remote Users   
    						
    							107
    Chapter 6: Secure SSH Tunneling & SDT Connector
     
    •  To set the user(s) who can remotely access the system with RDP, click Add on the Remote Desktop Users dialog box 
    Note: If you need to set up new users for Remote Desktop access, open User Accounts in the Control Panel and proceed 
    through the steps to nominate the new user’s name, password and accou\
    nt type (Administrator or Limited)
    Note: With Windows XP Professional and Vista, you have only one Remote Desktop sessi\
    on and it connects directly to the 
    Windows root console. With Windows Server 2008 you can have multiple sessions, and with Server 2003 \
    you have three 
    sessions (the console session and two other general sessions). Therefo\
    re, more than one user can have an active session on 
    a single computer. 
    When the remote user connects to the accessed computer on the console se\
    ssion, Remote Desktop automatically locks that 
    computer (so no other user can access the applications and files). W\
    hen you come back to the computer, you can unlock it by 
    typing CTRL+ALT+DEL.
    6.8.2   Configure the Remote Desktop Connection client 
    Now that you have the Client computer securely connected to the Console \
    Server (either locally, or remotely, thru the 
    enterprise VPN, or a secure SSH internet tunnel or a dial-in SSH tunnel), you are ready to establish the Remote Desktop 
    connection from the Client. To do this you simply enable the Remote Desktop Connection on the remote \
    client computer then 
    point it to the SDT Secure Tunnel port in the Console Server:
    A. On a Windows client computer
    • Click Start. Point to Programs, then to Accessories, then Communications, and click Remote Desktop Connection 
     
    • In Computer, enter the appropriate IP Address and Port Number: 
      o Where there is a direct local or enterprise VPN connection, enter the IP\
     Address of the Console Server, and  
        the Port Number of the SDT Secure Tunnel for the Console Server’s serial port (the one that is attached\
     to the  
       Windows computer to be controlled). For example, if the Windows computer is connected to serial Port 3 on a  
       Console Server located at 192.168.0.50 then you would enter 192.168.0.50:7303.
     o Where there is an SSH tunnel (over a dial-up PPP connection or over a public internet conn\
    ection or private  
        network connection), simply enter the localhost as the IP address, i.e. 127.0.0.1. For Port Number, enter the  
      source port you created when setting SSH tunneling/port forwarding (in Section 6.1.6) e.g.:1234.
    • Click Option. In the Display section, specify an appropriate color depth (e.g. for a modem connecti\
    on it is recommended 
    you not use over 256 colors). In Local Resources, specify the peripherals on the remote Windows computer that are to 
    be controlled (printer, serial port, etc.)  
    						
    							108
    Chapter 6: Secure SSH Tunneling & SDT ConnectorChapter 6: Secure SSH Tunneling & SDT Connector
     
    •  Click Connect 
    Note: The Remote Desktop Connection software is pre-installed on Windows XP. However, for earlier Windows computers, you 
    will need to download the RDP client:
    •  Go to the Microsoft Download Center site   http://www.microsoft.com/downloads/details.aspx?familyid=80111F21-D48D-
    426E-96C2-08AA2BD23A49&displaylang=en and click the Download button
    This software package will install the client portion of Remote Desktop \
    on Windows 95, Windows 98 and 98 Second Edition, 
    Windows Me, Windows NT 4.0, Windows 2000, and Windows 2003. When run, this software allows these older Windows 
    platforms to remotely connect to a computer running Windows XP Professional or Windows 2003 Server
    B. On a Linux or UNIX client computer:
    •  Launch the open source rdesktop client: 
    rdesktop -u windows-user-id -p windows-password -g 1200x950 ms-windows-terminal-server-host-name
    optiondescription
    -aColor depth: 8, 16, 24
    -rDevice redirection. i.e. Redirect sound on remote machine to local devic\
    e  i.e. -0 -r sound (MS/Windows 2003)
    -gGeometry: widthxheight or 70% screen percentage.
    -pUse -p - to receive password prompt.
    •  You can use GUI front end tools like the GNOME Terminal Services Client  tsclient to configure and launch the rdesktop 
    client. (Using tsclient also enables you to store multiple configurations of rdesktop for connection to many servers.)  
    						
    							109
    Chapter 6: Secure SSH Tunneling & SDT ConnectorChapter 6: Secure SSH Tunneling & SDT Connector
     
    Note: The rdesktop client is supplied with Red Hat 9.0:
    •  rpm -ivh rdesktop-1.2.0-1.i386.rpm 
    For Red Hat 8.0 or other distributions of Linux; download source, untar, configure, make, make then install.
    rdesktop currently runs on most UNIX based platforms with the X Window System and can be downloaded from http://www.
    rdesktop.org/  
    C. On a Macintosh client:
    •  Download Microsoft's free Remote Desktop Connection client for Mac OS X \
    http://www.microsoft.com/mac/otherproducts/
    otherproducts.aspx?pid=remotedesktopclient  
    						
    							110
    Chapter 6: Secure SSH Tunneling & SDT Connector
    6.9 SDT SSH Tunnel for VNC 
    Alternately, with SDT and Virtual Network Computing (VNC), Users and Administrato\
    rs can securely access and control 
    Windows 98/NT/2000/XP/2003, Linux, Macintosh, Solaris and UNIX computers.\
     There’s a range of popular VNC software 
    available (UltraVNC, RealVNC, TightVNC) freely and commercially. To set up a secure VNC connection, install and configure 
    the VNC Server software on the computer to be accessed. Then install and\
     configure the VNC Viewer software on the Viewer 
    computer. 
    6.9.1  Install and configure the VNC Server on the computer to be accessed
    Virtual Network Computing (VNC) software enables users to remotely acc\
    ess computers running Linux, Macintosh, Solaris, 
    UNIX, all versions of Windows and most other operating systems.
    A. For Microsoft Windows servers (and clients):
    Windows does not include VNC software, so you will need to download, inst\
    all and activate a third party VNC Server software 
    package: 
    RealVNC http://www.realvnc.com is fully cross-platform, so a desktop running on a Linux ma\
    chine may 
    be displayed on a Windows computer, on a Solaris machine, or on any number of other architectures. 
    There is a Windows server, allowing you to view the desktop of a remote Windows machine on any of 
    these platforms using exactly the same viewer. RealVNC was founded by members of the AT&T team who 
    originally developed VNC. 
     
    TightVNC http://www.tightvnc.com is an enhanced version of VNC. It has added features such \
    as file 
    transfer, performance improvements and read-only password support. They have jus\
    t recently included 
    a video drive much like UltraVNC. TightVNC is still free, cross-platform\
     (Windows Unix and Linux) and 
    compatible with the standard (Real) VNC.
     
    UltraVNC http://ultravnc.com is easy to use, fast and free VNC software \
    that has pioneered and perfected 
    features that the other flavors have consistently refused or been very\
     slow to implement for cross platform 
    and minimalist reasons. UltraVNC runs under Windows operating systems (95, 98, Me, NT4, 2000, XP, 
    2003) Download UltraVNC from Sourceforge's UltraVNC file list 
    B. For Linux servers (and clients):
    Most Linux distributions now include VNC Servers and Viewers. They are g\
    enerally launched from the (Gnome/KDE etc) front 
    end. For example, there’s VNC Server software with Red Hat Enterprise Linux\
     4 and a choice of Viewer client software. To 
    launch:
    •  Select the Remote Desktop entry in the Main Menu: Preferences menu
    •  Click the Allow other users checkbox to allow remote users to view and control your desktop  
    						
    All Tripp Lite manuals Comments (0)