SystemLink

cancel
Showing results for 
Search instead for 
Did you mean: 

cRIO SystemLink client SSH port

Solved!
Go to solution

Hi,

 

The description of the cRIO SystemLink installation shows the following message:cRIO SystemLink Client install description.PNG

Does this imply that SystemLink server needs to be able to reach the SSH port of the connected cRIOs for specific services?

If yes, which services would that be?

 

The use case I have i mind is a client that is somewhere in the field without being on a VPN or something similar. I wouldn't want to open the SSH port to the internet, I wouldn't be necessary since the client knows how to find the server and it's port are reachable. I would think that if the server needs to setup an SSH connection it could do it by having the client reverse back to the server using the available RabbitMQ communication services. I would like to have a phone home-only situation, not the other way around.

 

Regards,
André (CLA, CLED)
0 Kudos
Message 1 of 5
(1,458 Views)

Hi André,

 

I believe the suggestion is there to hopefully prevent unwanted remote access via the default admin password.

0 Kudos
Message 2 of 5
(1,440 Views)

Hi Notanae,

 

I also understand the same from the description, but this is not the question I asked.

 

I'll rephrase the question in case it wasn't clear the first time:

Is there a dependency between SystemLink server and a RIO target that explicitly requires access to the cRIOs SSH port from the SystemLink server?

 

What services is disabled by closing the cRIOs SSH port?

Regards,
André (CLA, CLED)
0 Kudos
Message 3 of 5
(1,435 Views)

Hi André,

 

You are right, and those are two good questions. 

I will explore our internal SystemLink resources for insight and get back to you with what I find. 

 

Best.

0 Kudos
Message 4 of 5
(1,429 Views)
Solution
Accepted by topic author andre.buurman@carya

SSH is only required if you want to remotely add LinuxRT targets to the server from the server using Discovered Systems view. 

 

If SSH is enabled you can add the target by specifying the IP/hostname, username and password and the SystemLink server will connect to the target over SSH, modify the server IP address/hostname, restart the salt-minion service, and automatically approve the target.

 

If SSH is disabled, you will need to specify the server/master using something like MAX or any other means you have for modifying the /etc/salt/minion.d/master.conf and restarting the salt-minion service.  Once configured you then need to manually approve the target from the SystemLink web interface.

 

SSH is not required or used once the target has connected to the server, however you can use the SystemLink web interface to change the SSH password after it has connected.

 

Message 5 of 5
(1,422 Views)