Configuring lawful interception ssh

From TBwiki
(Difference between revisions)
Jump to: navigation, search
(Needs revising edit)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
Toolpack can use the secure FTP (SFTP) protocol to upload IRI records to a remote server.
 
Toolpack can use the secure FTP (SFTP) protocol to upload IRI records to a remote server.
  
For security reasons (like not storing the remote SFTP server as clear text into the Toolpack MySQL database!), '''it requires SFTP to be used in password-less mode'''.
+
For security reasons (such as not storing the SFTP server's password as clear text in the Toolpack MySQL database), '''it requires that SFTP be used in password-less mode'''.
  
SSH password-less mode is configured by setting-up client/server authentication through exchange of private/public SSH keys.
+
SSH password-less mode is configured by setting-up client server authentication through an exchange of private/public SSH keys.
  
Here is the procedure to create and exchange SSH authentication keys.
+
The following procedure describes how to create and exchange SSH authentication keys.
 
*[[password less ssh|Configure password-less SSH login (from or to other servers)]]
 
*[[password less ssh|Configure password-less SSH login (from or to other servers)]]
  
'''IMPORTANT NOTE''': Don't forget to enable password-less SSH on both TMedia hosts, when redundant hosts are used ([[tmedia 1+1|1+1]], [[TMG7800|TMG7800]], or redundant external Toolpack hosts)
+
'''IMPORTANT NOTE''': Remember to enable password-less SSH on both TMedia hosts, when redundant hosts are used ([[tmedia 1+1|1+1]], [[TMG7800|TMG7800]], or redundant external Toolpack hosts)

Latest revision as of 13:44, 8 March 2018

Toolpack can use the secure FTP (SFTP) protocol to upload IRI records to a remote server.

For security reasons (such as not storing the SFTP server's password as clear text in the Toolpack MySQL database), it requires that SFTP be used in password-less mode.

SSH password-less mode is configured by setting-up client server authentication through an exchange of private/public SSH keys.

The following procedure describes how to create and exchange SSH authentication keys.

IMPORTANT NOTE: Remember to enable password-less SSH on both TMedia hosts, when redundant hosts are used (1+1, TMG7800, or redundant external Toolpack hosts)

Personal tools