{{indexmenu_n>2}}
======SSH key for connecting to equipment======
Connection to the equipment through the graphical interface is performed via SSH. Authorization can occur either by password or by using a key — the latter method is more secure. \\
In this section, we will cover the key-based authorization process.
Connection must be made under a user with sudo privileges or as root (not recommended).\\ Add a sudo user on the equipment: [[dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:sudo_user|Sudo user]].
=====sshd configuration=====
The configuration file is located at ''/etc/ssh/sshd_config''.
We recommend checking the ''PubkeyAuthentication'' property — if it is missing, commented out, or set to ''no'', change the property value to ''yes''.
After any changes to the ''/etc/ssh/sshd_config'' file, the sshd service must be restarted with the command
sudo systemctl restart sshd
=====Step 1. Creating a key=====
- Navigate to the Administrator → SSH Keys section
- Click on the + at the top of the screen to add a new key\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:1.png?nolink&600|}}
- Enter the key name
- Upload the public and private key files
- If you already have ready-made keys, you can upload them by clicking the appropriate buttons\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:2.png?nolink&500|}}
- If the necessary ssh files are missing, they can be generated by clicking on the key icon. Optionally, you can add a passphrase. Then click Generate\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:3.png?nolink&500|}}\\ After generating the ssh files, download the public key to add it to the server.\\ If necessary, you can also download the private key — this is only possible at this stage.\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:4.png?nolink&500|}}
- If the private key is encrypted, provide the passphrase set during key creation\\ If no passphrase was set, leave the field blank
- Click Save
=====Step 2. Adding the ssh key to the equipment=====
- Navigate to Administrator → Equipment
- Open the equipment settings. The ssh key can be added to new or existing equipment.
- Create new equipment: click on the + at the top of the screen\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:5.png?nolink&600|}}
- Edit existing equipment: click the edit icon to the left of the equipment\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:6.png?nolink&300|}}
- When creating new equipment, fill in all fields with the necessary information. More details in the [[dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:list|Equipment management]] section.
- Select the Key-based authorization type\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:7.png?nolink&500|}}
- In the SSH Key field, select the previously created key. Or by clicking on the + create a new SSH key, the process is identical to that described in [[dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:ssh_keys#step_1_creating_a_key|Step 1. Creating a key]] (starting from point 4)\\ {{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:8.png?nolink&350|}}
- Click Save
=====Step 3. Adding the ssh key to the server=====
- Under the root user, navigate to the ''/root/'' folder\\ Under a regular user, navigate to the ''/home//'' folder
- Go to the hidden directory ''/.ssh/''
- Open the ''authorized_keys'' file
- Add the **public** key content to the file
After completing these steps, check the connection by clicking on the Hardware State button in the Administrator → Equipment section.\\
If all properties are in the “Ok” state, the connection was successful.
{{:dpi:dpi_components:dpiui:user_guide:admin_section:equipment_management:9.png?nolink&500|}}