Content
This how to explains why the SSH communication in a ctrlX CORE is in standard deactivated and how to activate it.
Explanation
The SSH connection is inactive by default because of security reasons as this connection can be used to accidentally or on malicious purpose modify operating system resources of the ctrlX CORE.
1 - Request user assertion
To activate it again you need to have a special system user (In a ctrlX COREvirtual a system user is always available by default, continue with step "3 Activate SSH"). Please get in contact with your known sales contact person to request it, or have a look to the contact area on our homepage to find someone, as a usage agreement needs to signed.
Please always add following information to your request for a system user:
- Your full name
- Company name and address
- What you need root access for
- Serial number of your ctrlX CORE or ctrlX Device ID
- ctrlX CORE device type (virtual, X2, X3, X5, X7, OS, ...)
- Wanted user name and password
- User name must start with lower case letter [a-z] or with '_'
- User name may contain lower case letters [a-z], digits [0-9], '_' or '-'. It may end with '$'
- Usage period (max one year)
2 - Upload user assertion
Afterwards you will get an assertion file that can be uploaded to the ctrlX CORE via the user management page ("Settings/Users & Permissions/Users") and adds the system/root user. This is for development purposes only! Your ctrlX CORE will be marked as unsafe device further on and must not be used in production mode. You will have to sign a corresponding agreement that you are aware of the risks and consequence. Beware that your time and date needs to be set corretly in the ctrlX OS.
3 - Activate SSH
As soon as a system user is available in the ctrlX CORE the SSH connection can be activated via "Settings/SSH":
Notes
- Time and date needs to be set corretly in the ctrlX OS
- ctrlX Device ID is always needed for ctrlX OS on third party hardware (not ctrlX CORE)
- In a ctrlX COREvirtual a system user named "rexroot" and same for password is always available by default
- A new user will be created with uploading an assertion. There must not be already a user with the same name on the system.
- From version 1.18 on, the system will permanently show a warning because your system could be comprised by the root user. This cannot be suppressed but after deleting the user it will disappear automatically:
Security: User management warning · System user exists · user management
080E0300 / 0C7A0057 · 23.01.2023 11:07:20.690
Connection examples
- ctrlX COREvirtual in port forwarding mode:
ssh -p8022 [email protected]
- ctrlX CORE or ctrlX COREvirtual in network adapter mode:
ssh <name of system user>:<IP of control>