SSH Tunneling on SCS100-200-400-1600-3200 #1

Owned by Jane
Last updated: May 21, 2020 by Subbu Seetharaman
2 min read

How do I set up SSH tunneling between the serial ports of two SCS's?

SSH tunneling is supported in firmversion 2.0/5, the last version released for the discontinued (SCS100/200/400/1600/3200) secure console servers.

V2.0/5 supports SSH Version 1 tunnels. There are no plans for future development of these products.

You can obtain v2.0/5 from:

Latest firmware for SCS100/200/400/1600/3200 Secure Console Servers
https://ltrxdev.atlassian.net/wiki/x/doHWBQ

Instructions for loading firmware start on PDF page 57 of the SCS1100/200/400 User Guide , available here:
http://www.lantronix.com/support/downloads/?p=SCSFAM

Once you have loaded v2.0/5, continue below.

Step 1

On both SCS's input the commands:

DEFINE PROTOCOL SSH MODE V1PREF
SET PROTOCOL SSH MODE V1PREF

Step 2

Copy the contents of the "identity.pub" file on the SCS initiating the connection to the "AUTHORIZED_KEYS" file of the SCS receiving the connection.

To do this:

FTP to the IP address of the initiating SCS
Enter "root" as the username
Enter the privileged user password ("system" by default)
CD to /flash/ssh
"Get" the identity.pub file
Exit the FTP session
In whatever local folder you saved the identity.pub file, change its name to AUTHORIZED_KEYS (upper case, and you will have to remove the extension)
FTP into the SCS that is receiving the connection
Use the "root" username and privileged user password as before
CD to /flash/ssh
Put the AUTHORIZED_KEYS file
Exit the FTP session

Step 3

In order to establish a trusted relationship, the first connection between the two SCS's must be established manually as the "root" or privileged user.

On the SCS that is establishing the connection, connect a serial console cable to the port you plan to tunnel to the receiving SCS. To manually establish the connection, type:

Username> root
Local_n> su
Password> system (default)
Local_n>> connect ssh xxx.xxx.xxx.xxx:22nn <--- xxx for IP address and nn for serial port number

You should see something like this:

%Info: The authenticity of host 'xxx.xxx.xxx.xxx' can't be established.
RSA key fingerprint is nn:nn:nn:nn:nn:nn:nn:nn:nn:nn:nn:nn:nn:nn:nn:nn.
%Warning: Added 'xxx.xxx.xxx.xxx' (RSA) to the list of known hosts.
SSH protocol emulation 2.2

Step 4

Now you can set up the ssh tunnel

On the receiving SSH, issue the commands:

Local_n>> define port n access remote
Local_n>> logout port n

On the establishing SCS, issue the commands:

Local_n>> define port n dedicated ssh xxx.xxx.xxx.xxx:22nn
Local_n>> define port n autostart enable
Local_n>> logout port n

The tunnel should now be established.


[Originally Published On: 07/31/2002 10:39 AM]

Report a new issue