Using SSH for Advanced Administration of NoTouch

SSH can be turned on and off within NoTouch and can be used for advanced configurations for both the Virtual Appliance and NoTouch OS

Introduction


Linux-based products such as NoTouch OS and Stratodesk Virtual Appliance all feature a command line interface, commonly referred to as the "shell prompt", or simply "the shell". Command line user interfaces have been around long before graphical systems such as Microsoft Windows, the X Window system, Mac OS, etc were developed. May it seem intimidating to new users, command line interfaces tend to be extremely efficient tools for knowledgeable users. Normal system administration in NoTouch does not need shell access!

Remote login to a system's shell prompt is typically done via Secure Shell (ssh), an encrypting network protocol.

Note: This article describes only how to access the shell prompt via SSH (remote via network). If you are on the machine locally, just open the configuration, log in and click on "Console".

Warning: Improper use of the shell prompt, especially when having "root" (super-user) privileges can destroy systems. Modifications you do at shell level and/or repair work of improper use is most probably not covered by Stratodesk free basic support service.

Client side


Windows users will find that PuTTY is a great free Secure Shell client. If you work on a Mac or Linux system, you have Secure Shell functionality built in, please refer to the documentation of your system to learn more.

NoTouch Center also has a Secure Shell client built-in for connecting to client machines running NoTouch. It is implemented as a Java applet, thus you must have a working Java plugin installed and enabled.

NoTouch OS


Logging in 


When logging in to any NoTouch system, use the username "notouchadm" and the client administration password. There is no default password, you either set it through the first time wizard, or when using NoTouch Center it will roll out a configured password ("Administration" parameters in NoTouch Center) - see Client admin password for more information.

For many tasks you have to gain root privileges by executing the "su" command and typing in the same password again. As user "root" you have system administrator privileges and can modify almost all aspects of the system, even destroy things. However, a specialty of NoTouch, even with system administration privileges, you can not modify the OS image (although you could destroy it from its host disk system). Writes will go to RAM disk and thus disappear after rebooting the device.

Note: Older versions of NoTouch OS (before 2.39) required you to log in as root. Now, you can not log in as root any more, you must use notouchadm.

Gaining root privileges


After logging in as notouchadm, you are - in Linux terminology - a "normal" user. To gain system administrator ("root" in Linux/UNIX terminology) privileges, use this command:

   su

When asked for a password, repeat your notouchadm password. When successfully authenticated, you may notice that the shell prompt changes from a $ character to a # character, indicating that you now have root privileges.

Any change you do here may destroy your installation. Even if you execute commands that are given somewhere in this documentation, there is a chance that things go wrong.

To leave administrative ("root") mode, simply type exit and press Enter:

   exit

After that, the prompt character will be a $ character again.

Control SSH service


NoTouch has an embedded SSH service product installed. There are many aspects of the SSH server that can be controlled, not only security policies, in fact you can easily roll out authorized_keys files to remotely access a multitude of NoTouch machines. Please refer to this article for more information: SSH Server

By default the SSH service is turned on; this makes sense for people evaluating the system and wanting to see what is supported. However, for security reasons and since it is seldomly used, we recommend to switch it off.

You find the parameter "SSH server" under the "Services" options. These possible settings exist:

  • "on". The SSH service will be started at boot time.
  • "off". The SSH service will not be started.

Please reboot your machine after changing this parameter. Again, for more SSH server options please consult SSH Server.

Stratodesk Virtual Appliance


Stratodesk Virtual Appliance has an SSH server installed and it is switched on by default. For information about, please consult the Ubuntu OpenSSH documentation (we recommend to NOT modify anything regarding SSH and cannot support you on such modifications).

Logging in


Point your SSH client, such as PuTTY on Windows, to the IP address or host name of your Stratodesk Virtual Appliance instance. Logging to the Stratodesk Virtual Appliance requires to use the username "notouchadm" and the required password is your standard VA password.

Gaining root privileges


After logging in as notouchadm, you are - in Linux terminology - a "normal" user. To gain system administrator ("root" in Linux/UNIX terminology) privileges, use this command:

   sudo su

When asked for a password, repeat your notouchadm password. When successfully authenticated, you may notice that the shell prompt changes from a $ character to a # character, indicating that you now have root privileges.

Any change you do here may destroy your virtual appliance. We highly recommend to create a backup first and a VM snapshot before modifying anything. Even if you execute commands that are given somewhere in this documentation, there is a chance that things go wrong.

To leave administrative ("root") mode, simply type exit and press Enter:

   exit

After that, the prompt character will be a $ character again.