Enabling SSH Password Authentication (Opening the Shell)


This article applies to:

  • Web Filter

Question:

  • How do I enable SSH password authentication for connection to a WebFilter server?

Procedure:

NOTE: In order to complete the following procedure, you must contact Trustwave Support and open a case to obtain the password needed in step 5.

PART I – Shut Down and Connect a Keyboard and Monitor

 

  1. Bring the system down: Navigate to System > Control  and click ShutDown
     
     
  2. Click the ShutDown button to power off the system.


  3. Connect a monitor to the VGA port and the keyboard to a USB or PS/2 port on the back of the system:

PART II – Single User Mode

  1. Power up the system by pressing and holding the green check mark key (located on the LCD panel on the front of the chassis) for three seconds.
  2. On the GNU GRUB screen press p to bring up the password dialog box, and enter in the password.

    NOTE: Please contact Trustwave Support and open a case to obtain the password.
  3. Press e to edit the entry.


     
  4. Use the up arrow and down arrow keys to select the line that starts with ‘kernel’ and press e to edit the line.


     
  5. At the end of this line, press the spacebar to put in a space and type the word single and then press enter




    You should now be back to the previous screen. Press b to boot into single-user mode.

    PART III – Enable SSH Password Authentication

    1. At the prompt, type the command nano /etc/ssh/sshd_config


       
    2. Use the arrow keys to find the line that says PermitRootLogin*, and change it to yes



      *Note: this entry does not exist on all systems. If it is not present, skip to the next step.
       
    3. Use the arrow keys to find the line that says PasswordAuthentication, and change it to yes

    4. To save, press Ctrl+x, then press y, and hit enter
    5. Restart sshd by running the command /etc/init.d/sshd restart

    6.  You will see “Starting sshd” set to OK.

    7. Press Ctrl+d to boot the system back up into multiuser mode.

      It will run through all of its checks, and bring you back to your logon screen.



    Part IV - Test the Connection

    1. Open a terminal window or start a PuTTY session to verify that SSH is enabled from a device on the same network (not the filter). You can download PuTTY from http://www.putty.org/
    2. Enter SSH [Filter IP] (for example, SSH 10.10.10.11 ). When prompted to continue connecting, type yes.
    3. Enter any user name. If you are prompted for a password, then SSH has been successfully enabled.

    4. Repeat steps 1-4 to remove the monitor and keyboard, if necessary.

    Last Modified 12/13/2016.
    https://support.trustwave.com/kb/KnowledgebaseArticle20558.aspx