Don't use a password. Generate a passphrase-less SSH key and push it to your VM.
If you already have an SSH key, you can skip this step…
Just hit Enter for the key and both passphrases:
$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
Copy your keys to the target server:
$ ssh-copy-id id@server
id@server's password:
Now try logging into the machine, with ssh 'id@server', and check in:
.ssh/authorized_keys
to make sure we haven’t added extra keys that you weren’t expecting.
Note: If you don't have the .ssh dir and authorized_keys file, you need to create them first.
Finally, check that you can log in…
$ ssh id@server
id@server:~$
You may also want to look into using ssh-agent if you want to try keeping your keys protected with a passphrase.
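The check that the ssh-copy-id message asks for (look in .ssh/authorized_keys for keys you weren't expecting), as an added example that is not part of the original answer: it parses each entry, reports its SHA256 fingerprint, RSA modulus size and options field, and flags any fingerprint not in your expected set. The function names, the sample entries and the 203.0.113.7 address are constructed for illustration.

```python
import base64, hashlib, re, struct
# A key-type token followed by a base64 blob; anything before it is the options field.
KEY_RE = re.compile(r'(?:^|\s)((?:ssh|ecdsa|sk)-[\w@.-]+)\s+([A-Za-z0-9+/]+=*)(?:\s+(.*))?$')

def fingerprint(blob):
    """SHA256 fingerprint in the form `ssh-keygen -lf` prints."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def rsa_bits(blob):
    """Modulus size of an ssh-rsa blob: length-prefixed fields (type, e, n)."""
    off = 4 + struct.unpack_from(">I", blob, 0)[0]      # skip the key-type string
    off += 4 + struct.unpack_from(">I", blob, off)[0]   # skip the public exponent e
    (size,) = struct.unpack_from(">I", blob, off)
    return int.from_bytes(blob[off + 4:off + 4 + size], "big").bit_length()

def audit(text, expected):
    """One finding per key line; `expected` is the set of fingerprints you installed."""
    findings = []
    for lineno, line in enumerate(map(str.strip, text.splitlines()), 1):
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)
        try:
            if not m:
                raise ValueError("no key type and blob found")
            blob = base64.b64decode(m.group(2), validate=True)
            bits = rsa_bits(blob) if m.group(1) == "ssh-rsa" else None
        except (ValueError, struct.error):  # no match, bad base64 or truncated blob
            findings.append({"line": lineno, "status": "unparseable"})
            continue
        fp = fingerprint(blob)
        findings.append({"line": lineno, "type": m.group(1), "bits": bits, "fingerprint": fp,
                         "options": line[:m.start()].strip(), "comment": m.group(3) or "",
                         "status": "expected" if fp in expected else "UNEXPECTED"})
    return findings

def constructed_rsa_line(bits, comment, options=""):
    """CONSTRUCTED, non-functional ssh-rsa entry for the demo (modulus is all 1-bits)."""
    n = ((1 << bits) - 1).to_bytes(bits // 8 + 1, "big")  # leading 0x00 as in an mpint
    blob = b"".join(struct.pack(">I", len(p)) + p for p in (b"ssh-rsa", b"\x01\x00\x01", n))
    return f"{options} ssh-rsa {base64.b64encode(blob).decode()} {comment}".strip()

SAMPLE = "\n".join(["# constructed sample, not real keys",
                    constructed_rsa_line(2048, "username@workstation"),
                    constructed_rsa_line(1024, "unknown@host", 'from="203.0.113.7"')])

if __name__ == "__main__":
    mine = fingerprint(base64.b64decode(SAMPLE.splitlines()[1].split()[1]))
    print(*audit(SAMPLE, {mine}), sep="\n")
```

To use it on a real file, take the fingerprint of the key you installed from `ssh-keygen -lf ~/.ssh/id_rsa.pub` on the client and pass it in `expected` along with the contents of the server's authorized_keys.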
Sounds like you just need to add an FTP Filter policy to your XTM box with a NAT rule set on it:
- Connect to the XTM505 with Fireware Policy Manager
- Add a new 'FTP Filter' policy
- Remove 'Any-External' from the To: field
- Add > Add NAT...
- Verify your external IP Address is the one you want
- Type in 192.168.1.5 in the Internal IP Address field
- Consider changing the From: field from 'Any-Trusted' to just the static public IP of your User (if they have one), so only they will be able to connect to your FTP server externally and not any script kiddies or Joe Hacker.
- Click OK > Close to add that new FTP policy to your policy list
- Save > To Firebox to store the new configuration.
This will open TCP port 21 up on your external IP address and pass all FTP traffic through to your server on 192.168.1.5. User just needs to FTP to your external IP address where they'll be prompted for their FTP username and password.
Best Answer
All the documentation states that you must reset the device to factory settings. Also, the serial port is for a modem connection, not a console connection.
User Manual: