SSH Access

Synpse allows you to ssh into the edge. You can access your devices anywhere where they are.

PreviousHTTPS Tunnel Access NextDevice Labels

Last updated 3 years ago

Was this helpful?

SSH Access

Synpse allows you to ssh into the edge. You can access your devices anywhere where they are.

Accessing device via dashboard

Synpse allows you to connect to the device via the SSH directly from the browser:

Accessing device via CLI

First, to list your devices:

synpse devices

 NAME  STATUS  IP             OS      LABELS      LAST SEEN     CREATED      |
 nuc   online  192.168.1.120  Ubuntu  arch:amd64  1 second ago  23 hours ago |

To access your device from the CLI:

synpse ssh <device name>

Native SSH client

Synpse supports native ssh clients too. So you can use tools like SCP or Ansible more easily with your devices. Native ssh client supports 2 modes of authentication:

Username/password
SSH keys

Username/Password auth

You can ssh to any device using the syntax below. Password for this is is Access key or Service account access key

RBAC is still applicable to these connections. User in question should have "Resource: Device, Action: SSH" in their role bindings for authentication.

ssh <device_id>@ssh.synpse.net

Example:

ssh dev_1vfzv0NwOcS5XpNEUAkqGxP4aaa@ssh.synpse.net

SSH key authentication

To authenticate using SSH keys you need to add public SSH key into your account. This can be done via UI SSH Keys section or CLI synpse ssh-keys add <key-name> -k <path-to-public-key>

Or synpse CLI can do this for you. Just run synpse ssh-keys configure and it will generate key pair into .ssh folder and add it to the current synpse session.

synpse ssh-key configure
  NAME         SSH KEY                       CREATED               LAST USED             
  unknown-cli  ecdsa-sha2-nistp521 AAAAE...  112 milliseconds ago  112 milliseconds ago

Authentication:

ssh <device_id>@ssh.synpse.net

Authentication shortcut

We understand that these names are hard to remember and to use. For this CLI will manage part of the.ssh/config file. If you have a synpse SSH key configured using synpse ssh-keys configure and you execute native ssh command synpse ssh <device_name> ssh config will be updated with all the required details. See the example below:

# configure cli ssh key
synpse ssh-keys configure

# SSH using native CLI client
synpse ssh minis

# check your .ssh/config file
cat ~/.ssh/config
....

# SSH using short command!
ssh minis

Example how to generate ECDSA key pair:

ssh-keygen -t ecdsa -b 521

Restricting SSH access

Where is a way to prevent anybody with access to SSH into the devices? This can be done using RBAC or via ssh key checking. Documentation is coming, but if you need this now - ping us on Discord

PreviousHTTPS Tunnel Access NextDevice Labels

Last updated 3 years ago

Was this helpful?

Accessing device via dashboard

Synpse allows you to connect to the device via the SSH directly from the browser:

Accessing device via CLI

First, to list your devices:

synpse devices

 NAME  STATUS  IP             OS      LABELS      LAST SEEN     CREATED      |
 nuc   online  192.168.1.120  Ubuntu  arch:amd64  1 second ago  23 hours ago |

To access your device from the CLI:

synpse ssh <device name>

Native SSH client

Synpse supports native ssh clients too. So you can use tools like SCP or Ansible more easily with your devices. Native ssh client supports 2 modes of authentication:

Username/password
SSH keys

Username/Password auth

You can ssh to any device using the syntax below. Password for this is is Access key or Service account access key

RBAC is still applicable to these connections. User in question should have "Resource: Device, Action: SSH" in their role bindings for authentication.

ssh <device_id>@ssh.synpse.net

Example:

ssh dev_1vfzv0NwOcS5XpNEUAkqGxP4aaa@ssh.synpse.net

SSH key authentication

To authenticate using SSH keys you need to add public SSH key into your account. This can be done via UI SSH Keys section or CLI synpse ssh-keys add <key-name> -k <path-to-public-key>

Or synpse CLI can do this for you. Just run synpse ssh-keys configure and it will generate key pair into .ssh folder and add it to the current synpse session.

synpse ssh-key configure
  NAME         SSH KEY                       CREATED               LAST USED             
  unknown-cli  ecdsa-sha2-nistp521 AAAAE...  112 milliseconds ago  112 milliseconds ago

Authentication:

ssh <device_id>@ssh.synpse.net

Authentication shortcut

# configure cli ssh key
synpse ssh-keys configure

# SSH using native CLI client
synpse ssh minis

# check your .ssh/config file
cat ~/.ssh/config
....

# SSH using short command!
ssh minis

Due to security , Synpse does not support RSA ssh keys. Use ECDSA keys.

Example how to generate ECDSA key pair:

ssh-keygen -t ecdsa -b 521

Restricting SSH access

Where is a way to prevent anybody with access to SSH into the devices? This can be done using RBAC or via ssh key checking. Documentation is coming, but if you need this now - ping us on Discord