User Manual
Chapter 15 Configuring Console Management 65
SSH Direct to a Port (Reverse SSH)
Reverse ssh is the same as a reverse telnet session except the
communication session is encrypted. Reverse ssh uses the socket
numbering scheme of 2500 + the port number. In the example below, the
user establishes a connection to port 12 on a Digi device.
ssh 192.1.2.3 2512
Users on a Linux system should use the following example for reverse ssh.
ssh -lroot -p2512 192.1.2.3
Alternate IP Addresses
If you want to simplify access to the ports, do the following to access a port
from a workstation on the LAN. You can assign IP addresses to each port
that will be connected to a managed device, which allows the administrator
to Telnet directly to the port without specifying a TCP port number. See the
set altip command in the Digi One/PortServer TS Command Reference for
more information.
Configuration
In this example, the device server is configured with
• Alternate IP addresses using set altip commands, which assign IP
addresses to ports 1 and 2. This enables direct access to one of
these ports with a Telnet command that specifies one of the IP
addresses.
• Password protection on ports 1 and 2. This is done with the set auth
command that leaves all hosts to login by specifying the ip address
as 0.0.0.0.
set ports dev=prn range=1-2
set line baud=19200 range=1 unrestricted=name ip=0.0.0.0
mask=0.0.0.0
set auth login=1-2 range=2
set altip group=1 ip=119.180.33.50
set altip group=2 ip=119.180.33.51
User Command
In this example, a user Telnets to port 1 using an IP address. The user will
be required to log in before access to the port is granted.
telnet 119.180.33.50
Securing Console Access
The device server provides the user with the ability to obtain secure and
reliable access to console ports. Access to ports can be restricted in three
ways:
1. User
Users can be setup with menu access, whereby the user is limited to
the options presented in the menu. A port can also be assigned a spe-