When connecting to a device over SSH, Unimus supports the following SSH protocol-level authentication methods:
| Code Block |
|---|
|
none, public-key, keyboard-interactive, password |
Please note that depending on the actual type of credentials, only some of these authentication methods will be used (see below).
For most users, adjusting the default behavior is NOT required, but you can adjust how Unimus auths on the SSH level if needed.
Default SSH protocol-level authentication behavior
When connecting to a device using an SSH key-based credential, Unimus will try the following auth methods in the following order:
| Code Block |
|---|
|
none, public-key |
When using a username/password based credential, Unimus will try the following auth methods in the following order:
| Code Block |
|---|
|
none, keyboard-interactive, password |
Disabling auth none or changing password auth methods
If you would like to disable the "none" authentication methods, you can set the following parameter:
| Code Block |
|---|
|
-Dunimus.core.ssh.enable-auth-none=false |
If you would like to change the order of password auth methods, you can set:
| Code Block |
|---|
|
-Dunimus.core.ssh.preferred-password-authentication-methods=password,keyboard-interactive |
Or you can remove one of the password auth methods to force usage of a specific one with:
| Code Block |
|---|
|
-Dunimus.core.ssh.preferred-password-authentication-methods=keyboard-interactive |
You can set configuration options in the service config files to achieve this.
On Linux these are located in:
- "/etc/default/unimus" for Unimus Server
- "/etc/default/unimus-core" for Unimus Core
On Windows:
- "C:\Program Files\Unimus\Unimus.l4j.ini" for Unimus Server
- "C:\Program Files\Unimus Core\Unimus Core.l4j.ini" for Unimus Core