138 | XIO USER MANUAL | 2106424MNAB
Table 7-8: Security keys
Name
privileges
keys
user
access
(Read-only)
user private
key
The following folders and contents are available for download:
Crash Dumps
Flash: Main Totalflow application (App), Factory
configuration, Startup (cold) configuration
Logs: System and device loader log files
tfData: Running (warm) configuration files
7.7.2 SSH/SFTP authentication
Session keys encrypt the communication between the client and the SSH/SFTP server to provide security.
Authentication requires specific private-public key pairs for the type of access. ABB provides default
private keys and passphrases to customers upon request. ABB stores the default public keys at the factory
in a protected storage location on the device's flash. They remain unchanged by updates.
To re qu es t a connection to the SSH/SFTP service, provide the private key and passphrase. The service
compares the private key with the public key stored in the Totalflow device. If the keys pair correctly, the
connection is successful.
Private keys do not ship with the product or user interface software. ABB
keeps the keys and credentials safely stored. Request keys
for SSH/SFTP access. Enable the service
necessary.
7.7.3 Update default SSH/SFTP keys
ABB Totalflow generates default keys, but customers must generate their own private keys for security
reasons. To up da te the private key, first update the corresponding public key stored on the XIO device.
This procedure describes how to regenerate a private key and update the corresponding public key on the
device.
Only permit an authorized expert user to perform this procedure. This
procedure requires developer or tech
-support access. Failure to follow the procedure in its entirety
s access to the SSH/SFTP service. To obtain default keys for this type of access, call ABB
.
Update requirements
The key update requires third-party software.
Obtain the following before update:
Third-party software, such as PuTTYgen
, to generate new keys. Download PuTTYgen as part of a
putty package or as a standalone utility.
Third-party SFTP client software to establish SFTP connections with the device (FileZilla).
Latest PCCU from ABB. Download PCCU from www.abb.com/upstream.
The private keys for developer or tech support accounts, and their respective passphrases for
S F T P. To change the keys for the first time, request the default keys from ABB. Otherwise, use
previously-updated keys.
There are other options for the third-party software. PuTTYgen and FileZilla
. The update procedure is similar with other software.
Generate private-public key pair
This procedure generates and saves a new private-public key pair. The private key, passphrase and public
key are stored safely on the user’s laptop or PC. The public key must also be saved in the XIO
device. The
To Next Page
Loading...
Need help?
General
