Connect using SSH (2024)

Table of Contents
In this article What you need to connect using SSH Start the SSH server Connecting using a name and password Username and password in Factory OS Connecting using a key pair Create a keypair Connect Secure FTP
  • Article

You can use OpenSSH to connect to your Factory OS test devices and VMs and run commands or transfer files. OpenSSH (Secure Shell) is a standard protocol for secure terminal connections.

You can use SSH to connect to all Factory OS images

Connect using SSH (1)

What you need to connect using SSH

To connect to a device using SSH, you'll have need:

  • The SSH server started on your Factory OS device
  • An SSH client on your technician PC. Windows 10 includes an SSH client that's installed by default.
  • The IP address of the device you're connecting to. In Factory OS, get the IP address from the main screen of the Factory Composer app, or in the top-right corner of Factory Orchestrator.
  • Authentication configured for SSH. This can be either:
    • A username and password
    • A keypair

Start the SSH server

On images that include the WindowsCoreNonProductionFM feature manifest, you can add the WCOS_OPENSSH_AUTOSTART feature to automatically start the SSH server.

If your image isn't configured to automatically start the SSH server, you can use Windows Device Portal to manually start the SSH server.

  1. Open a browser on your technician PC and navigate to the URL of your Factory OS device.
  2. Once connected to Device Portal, navigate to the SSH tab in the left-hand pane. The SSH tab is at the bottom of the list.
  3. Select Enable SSH.

Connecting using a name and password

To be able to connect using a username and password, you have to first configure a username and password. Configuring an SSH username and password depends on the Factory OS product that you're using.

Username and password in Factory OS

Factory OS includes a built-in administrator account that you can use to connect with SSH:

See Also
How to Add SSH Public Key to ServerOpenSSH Server configuration for WindowsHow to Troubleshoot SSH Authentication Issues | DigitalOcean DocumentationWhat are SSH Keys? Authentication & More

  • Username: FactoryUser
  • Password: WindowsCore

You can customize the username and password with the SSHUsername and SSHPassword settings in the settings customization framework.

Connecting using a key pair

If you have a key pair for SSH (see your SSH client documentation for details), you can use it instead of a username and password.

You'll need a public key in OpenSSH format. Run ssh-keygen.exe on your technician PC to generate one. ssh-keygen is included with Windows.

Create a keypair

  1. From a Command prompt on your technician PC, run ssh-keygen.exe to generate a public and private keypair. When you run this command, you can choose to save the keys to a location on your PC, and also set a password:

    ssh-keygen

    This command will prompt you for the following information, and provide output similar to the following:

    Enter file in which to save the key (C:\Users\User/.ssh/id_rsa):Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in C:\Users\User/.ssh/id_rsa.Your public key has been saved in C:\Users\User/.ssh/id_rsa.pub.The key fingerprint is:SHA256:<SHA245> user@COMPUTERThe key's randomart image is:+---[RSA 2048]----+| .o oo=+.+OB || ..o.... =B+o|| .o ++ +oo*o|| ... +.o+..|| . S oo.+.|| . . .+.E|| . ... || || |+----[SHA256]-----+

  2. Navigate to the the folder where you stored your keys, you'll see a private key that has no extension and a public key that has a .pub extension.

  3. Open the public key file with a text editor. The public key isn't sensitive. Here's what they look like:

    ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiez5r6NN01TK5yFPCV34Po4UdsMej4Gbl441SAzGihcE3eV7bSnLRR32RKH8T6ZQ2eZSZ1zPD6xkGnBE0CXvlHLP76nva4AaoCoPAEDIbNKLVmPiKn6U6MDlkass6TFrfOBlsY3m+rZyWJipZEFLrptvqli72lkWttUNfwgu8CJKMBbjGsd4HS3EFwCrSsKqI2MBKk7SO3+DNrwAPUWK9O/hT/mqARMMMbD/zM0BrHZ/U9mc3w/x2y2awpONJF9yVjfXAvG6JTrB+Bh6pr2BYccmVAwPmXkQM+3HrFjS7nfSZnjBQE3YD6PTZfT7Qs6V15CoCvIaoRQs0AEBJLK53Q== rsa-key-20180427

  4. Copy the contents of your public key to the clipboard.

  5. Connect to your WCOS device with Device Portal. Naveigate to the SSH tab in the left-pane, and copy the public key from your clipboard into the box titled Public Key for your desired user.

Connect

Once you have authenication configured, you can connect to your Factory OS device:

See Also
Linux: How-To - Login with a SSH Private Key - CloudBolt Software

  1. Open a Command prompt window on your technician PC.

  2. Connect to the device:

    1. To connect using a username and password:
    ssh user@192.168.1.2

    Where user is the username you chose when setting up SSH, and 192.168.1.2 is your Factory OS device's IP address.

    1. To connect using a key pair
    ssh -i C:\Users\User/.ssh/id_rsa user@192.168.1.2

    Where C:\Users\User/.ssh/id_rsa id your private key, user is the username you chose when setting up SSH, and 192.168.1.2 is your Factory OS device's IP address.

  3. Enter the password for your user if you're connecting with a username and password, or if you configured your key to require a password.

Secure FTP

You can use SSH for file transfer, over the sftp protocol. If you've enabled SSH on your Factory OS device, you'll also be able to connect with sftp.

WinSCP is the most popular GUI Client for file transfer over sftp in Windows. Follow the documentation to learn how to use it.

If you prefer a command-line tool, you can use sftp and scp:

sftp:

usage: sftp [-46aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher] [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-R num_requests] [-S program] [-s subsystem | sftp_server] destination

scp:

usage: scp [-346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-S program] source ... target

The above utilities are included in Windows and can be run by launching a Command prompt.

As a seasoned expert in secure shell (SSH) protocols and related technologies, I bring a wealth of knowledge and practical experience to the table. My extensive background includes not only theoretical understanding but also hands-on application, making me well-equipped to guide you through the intricacies of OpenSSH and its applications in the context of Factory OS test devices and VMs.

Now, let's delve into the concepts discussed in the provided article:

  1. OpenSSH (Secure Shell): OpenSSH is a widely used protocol for secure terminal connections. It provides encrypted communication over a network, ensuring the confidentiality and integrity of data exchanged between devices.

  2. SSH Server and Client: The article highlights the need for an SSH server on Factory OS devices and an SSH client on the technician's PC. The SSH server facilitates secure connections to the Factory OS test devices, while the SSH client is necessary on the technician's PC to initiate these connections.

  3. IP Address: To establish an SSH connection, you need the IP address of the Factory OS device. This information can be obtained from the main screen of the Factory Composer app or the top-right corner of Factory Orchestrator.

  4. Authentication Methods:

    • Username and Password: Factory OS includes a built-in administrator account (Username: FactoryUser, Password: WindowsCore) for SSH connections. Users can customize the username and password using the SSHUsername and SSHPassword settings.
    • Key Pair: Alternatively, users can configure SSH to use a key pair for authentication. The article provides detailed instructions on generating a key pair using ssh-keygen.exe and incorporating it into the SSH configuration.

  5. Starting the SSH Server:

    • The article explains how to automatically start the SSH server using the WCOS_OPENSSH_AUTOSTART feature on images that include the WindowsCoreNonProductionFM feature manifest. For images without this configuration, the Windows Device Portal can be used to manually start the SSH server.

  6. Secure File Transfer (SFTP): In addition to running commands, SSH can be used for secure file transfer using the SFTP protocol. The article suggests using WinSCP, a popular GUI client, or command-line tools such as sftp and scp for file transfer.

  7. Connecting to Factory OS Devices:

    • The article provides command-line examples for connecting to Factory OS devices using both username and password and key pair authentication methods. It includes instructions on entering the password if applicable.

  8. Secure FTP (sftp and scp): The article introduces the usage of sftp and scp for secure file transfer. These command-line utilities are included in Windows and can be executed from the Command prompt.

By following the guidance outlined in this article, technicians can effectively use OpenSSH to connect to Factory OS test devices, run commands, and securely transfer files, enhancing the overall security and efficiency of their operations.

Connect using SSH (2024)
Top Articles
8 Things Every Credit Card Owner Should Know - Royalty Ark
Mortgage Affordability & the Rule of thumb for mortgage amounts
Craigslist General Sale
0123Movies.hd
Latest Posts
The Top 3 Reasons You Have Bad Credit & How to Fix Your Credit Rating
Department of Adulting - What To Do When Interest Rates Go Down in 2024
Article information

Author: Jonah Leffler

Last Updated:

Views: 5978

Rating: 4.4 / 5 (45 voted)

Reviews: 92% of readers found this page helpful

Author information

Name: Jonah Leffler

Birthday: 1997-10-27

Address: 8987 Kieth Ports, Luettgenland, CT 54657-9808

Phone: +2611128251586

Job: Mining Supervisor

Hobby: Worldbuilding, Electronics, Amateur radio, Skiing, Cycling, Jogging, Taxidermy

Introduction: My name is Jonah Leffler, I am a determined, faithful, outstanding, inexpensive, cheerful, determined, smiling person who loves writing and wants to share my knowledge and understanding with you.