Bosch Building Technologies

    cancel
    Showing results for 
    Search instead for 
    Did you mean: 

    Who rated this article

    How to configure the SSH functionality in BVMS 7.5?

    Rate this article:
    100% helpful (1/1)

    When working with previous versions of BVMS, remote connectivity was cumbersome due to the amount of port mapping that needed to be configured. BVMS 7.5 provides a new method of remote connectivity utilizing Secure Shell (SSH) Tunnelling.

    SSH Tunnelling constructs an encrypted tunnel established by an SSH protocol/socket connection. This encrypted tunnel can provide transport to both encrypted and un-encrypted traffic. The Bosch SSH implementation also utilizes Omni-Path protocol, which is a high performance low latency communications protocol developed by Intel.

    0-How to configure the SSH functionality in BVMS.png

    Key management

    The BVMS SSH service generates a private and public key when it is started for the first time. Both keys are saved in an encrypted file. When the BVMS SSH service restarts this file is detected and the private key is read.

     

    Step-by-step guide

     

    1.Configuration

     

    A. Installation

    There is little to no configuration required for this feature to function.

    • The SSH Service must be installed and running. If deploying a BVMS Pro system, insure the SSH Service is part of the installation process.
    • Recording Appliances that ship with BVMS 7.5 should have the service pre-installed. Check your “Services”.

    1-How to configure the SSH functionality in BVMS.png

    If the service has not been installed, the install package can be run from the BVMS 7.5 downloadable install package. If working with a DIVAR IP Recording Appliance, the appliance “Installer Package” must be used.

     

    B. Port mapping entry

    The primary configuration step is to configure one (1) port forwarding for the BVMS Central Server to utilize port 5322 for both internal and external connections. This is the only port mapping entry that needs to be made for the entire system.

    2-How to configure the SSH functionality in BVMS.png

    The image below shows a sample configuration.

    3-How to configure the SSH functionality in BVMS.png

     

    2. Operation

     

    A. Login with the Operator Client

    After the basic configuration is done, logging in via Operator Client is very intuitive:

    From the log menu, select the “Connection” drop down menu, then Select <New…>

    4-How to configure the SSH functionality in BVMS.png

    You will be prompted to enter an IP address or DNS host name. You will also notice a cheat guide below the entry menu that will assist with address entry. Addressing must be in the following format: ssh://IP or servername:5322. In the example we used: ssh://49.49.49.49:5322.

    5-How to configure the SSH functionality in BVMS.png

    After entering a properly formatted address, enter a valid user name and password. SSH users MUST have a password associated with their BVMS account. User accounts without a password cannot log in utilizing an SSH Connection.

    6-How to configure the SSH functionality in BVMS.png

     

    B. Verification

    After connection is established via an SSH Tunnel, all communications between the BVMS Server (192.168.1.19) and a remote client (49.49.49.48) are encrypted. Below is a Wireshark Capture taken from the BVMS Server after a connection is established.

    7-How to configure the SSH functionality in BVMS.png

    C. Changing the SSH port

    Locate the SSH service configuration file in "C:\Program Files\Bosch\BVMS\bin"

    8-How to configure the SSH functionality in BVMS.png

    Open the configuration file and find the section below. Edit the value of the BvmsSshServicePort (the port should be unused) and restart the system.

    9-How to configure the SSH functionality in BVMS.png

    Version history
    Last update:
    ‎04-05-2021 12:13 PM
    Updated by:
    Labels (6)
    Attachments
    Who rated this article
    Icon--AD-black-48x48Icon--address-consumer-data-black-48x48Icon--appointment-black-48x48Icon--back-left-black-48x48Icon--calendar-black-48x48Icon--center-alignedIcon--Checkbox-checkIcon--clock-black-48x48Icon--close-black-48x48Icon--compare-black-48x48Icon--confirmation-black-48x48Icon--dealer-details-black-48x48Icon--delete-black-48x48Icon--delivery-black-48x48Icon--down-black-48x48Icon--download-black-48x48Ic-OverlayAlertIcon--externallink-black-48x48Icon-Filledforward-right_adjustedIcon--grid-view-black-48x48IC_gd_Check-Circle170821_Icons_Community170823_Bosch_Icons170823_Bosch_Icons170821_Icons_CommunityIC-logout170821_Icons_Community170825_Bosch_Icons170821_Icons_CommunityIC-shopping-cart2170821_Icons_CommunityIC-upIC_UserIcon--imageIcon--info-i-black-48x48Icon--left-alignedIcon--Less-minimize-black-48x48Icon-FilledIcon--List-Check-grennIcon--List-Check-blackIcon--List-Cross-blackIcon--list-view-mobile-black-48x48Icon--list-view-black-48x48Icon--More-Maximize-black-48x48Icon--my-product-black-48x48Icon--newsletter-black-48x48Icon--payment-black-48x48Icon--print-black-48x48Icon--promotion-black-48x48Icon--registration-black-48x48Icon--Reset-black-48x48Icon--right-alignedshare-circle1Icon--share-black-48x48Icon--shopping-bag-black-48x48Icon-shopping-cartIcon--start-play-black-48x48Icon--store-locator-black-48x48Ic-OverlayAlertIcon--summary-black-48x48tumblrIcon-FilledvineIc-OverlayAlertwhishlist