NetBurner 3.5.6
PDF Version
SSH Server with User Key

SSH Server with User Key Example

Overview

This NetBurner application demonstrates how to create an SSH server that supports multiple key sources and provides a web-based interface for key management. The application showcases secure SSH connections with user-uploadable keys while maintaining fallback security through default keys.

Additional pdf documentation is located in the example directory

Features

  • SSH Server: Accepts secure SSH connections on port 22
  • Multiple Key Sources:
    • NetBurner SSH library default keys
    • Application compiled-in keys
    • User-uploaded keys via web interface
  • Web Interface: Upload and manage SSH keys through a browser
  • Key Types Supported: RSA and ECC (Elliptic Curve Cryptography)
  • File System: EFFS-STD on-chip flash storage for persistent key storage
  • NTP Time Sync: Automatic time synchronization for accurate timestamps
  • Serial Debug Interface: Command-line interface for system diagnostics

Key Management Hierarchy

The application uses a three-tier key priority system:

  1. User-Uploaded Keys (Highest Priority): Keys uploaded via web interface
  2. Application Default Keys (Medium Priority): Keys compiled into the application
  3. Library Default Keys (Lowest Priority): NetBurner SSH library fallback keys

This ensures the device always has a valid key for SSH connections.

Hardware Requirements

  • NetBurner module with supported flash memory:
    • Spansion AM29LV160B, S29AL016D
    • Atmel AT49BV163D
    • SST39VF040
  • Network connection
  • Optional: Serial connection for debug interface

Software Requirements

  • NetBurner Development Kit
  • NetBurner SSH/SSL Encryption software (optional add-on)
  • Compatible platforms: MOD5441X, NANO54415, SB800EX, MODM7AE70, SBE70LC, SOMRT1061, MODRT1171

Important Configuration Notes

Memory Configuration

CRITICAL**: Before building, you must configure the linker memory range to match your flash chip. Incorrect settings can corrupt the flash memory.

For Spansion AM29LV160B, S29AL016D, or Atmel AT49BV163D:

COMPCODEFLAGS = 0xFFC08000 0xFFD80000

For SST39VF040:

COMPCODEFLAGS = 0xFFC08000 0xFFC70000

Library Configuration

Replace FatFile.a with StdFFile.a in your linker settings to use the on-chip flash file system.

Usage Instructions

Initial Setup

  1. Configure memory settings for your specific flash chip
  2. Build and deploy the application to your NetBurner device
  3. Use IPSetup to determine the device's IP address
  4. Connect to the serial port (115200 baud) for debug output

Web Interface

  1. Open a web browser and navigate to the device's IP address
  2. View current key status and sources
  3. Upload new RSA or ECC keys using the file upload form
  4. Reset keys to factory defaults if needed
  5. Display public keys for SSH client configuration

SSH Connection

  1. Use an SSH client (such as PuTTY) to connect to the device
  2. Connect to the device's IP address on port 22
  3. Any username/password combination is accepted (for demonstration purposes)
  4. The connection timeout is set to 120 seconds

Serial Commands

Access the debug menu via serial connection:

  • [1] - EFFS Read/Write Test
  • [2] - Display Directory
  • [3] - Display TestFile.txt
  • [4] - Format Flash (WARNING: Data loss)
  • [5] - Display EFFS Space Usage
  • [6] - Display System Time
  • [7] - Reset to Factory Defaults

Key Requirements

RSA Keys

  • Minimum size: 512 bits
  • Maximum size: 4096 bits
  • Format: OpenSSH/OpenSSL PEM format
  • Must be unencrypted (no passphrase)

ECC Keys

  • Minimum size: 192 bits
  • Maximum size: 256 bits (384, 521, and ED25519 available with additional defines)
  • Format: OpenSSH/OpenSSL PEM format
  • Must be unencrypted (no passphrase)

File Structure

Core Application Files

  • main.cpp - Main application thread and system initialization
  • sshuser.cpp/h - SSH authentication and key management functions
  • web.cpp - Web server interface for key upload and display
  • nvsettings.cpp/h - Non-volatile settings management

Key Files

  • permanentkeyrsa.h - Default RSA key compiled into application
  • permanentkeyecc.h - Default ECC key compiled into application
  • openSsh*.key - Example key files for testing

Web Interface

  • index.html - Main web page for key management

File System Support

  • FileSystemUtils.cpp/h - EFFS-STD file system utilities
  • fs_main.cpp/h - File system initialization
  • effs_time.cpp/h - File timestamps and NTP support

Security Considerations

  • The example uses simple authentication (any username/password where they don't match)
  • In production, implement proper user authentication
  • The web interface is unencrypted HTTP - consider HTTPS for production use
  • Private keys are stored in flash memory - ensure physical security of devices
  • Default keys are compiled into the application - replace with your own keys for production

Troubleshooting

Common Issues

  1. Flash Corruption: Usually caused by incorrect COMPCODEFLAGS settings
  2. Key Upload Failures: Verify key format and encryption status
  3. Connection Timeouts: Check network configuration and firewall settings
  4. File System Errors: May require formatting the EFFS partition

Debug Output

The serial interface provides detailed debug information including:

  • SSH connection status
  • Key validation results
  • File system operations
  • Network configuration
  • System diagnostics

Development Notes

This example demonstrates several NetBurner development concepts:

  • EFFS-STD flash file system usage
  • Multi-part form handling in web applications
  • SSH server implementation
  • Non-volatile parameter storage
  • Task creation and management
  • Network service integration