Ubiquiti Edge Router Management Security

I have several of the Ubiquiti EdgeRouters and they have been absolutely fantastic. I’ve recently been on a kick to use certs for ssh auth as well as adding Let’s Encrypt SSL certificates to any web services I have, and the EdgeRouter is no exception.

SSH Certificate Authentication

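Most of the EdgeRouter file system can be wiped during upgrades, and other parts do not keep state even across power cycles. To use SSH certificate authentication (here, authentication with your SSH public key), you must therefore install the key with the supported loadkey command rather than placing it on disk by hand.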

scp ~/.ssh/id_rsa.pub admin@router:~/.

ssh admin@router
loadkey admin /home/admin/id_rsa.pub 

Now when you SSH to the router you will use your key for authentication.
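
A pre-flight check to run on the key file before it is copied to the router and passed to loadkey, given here as an added example that is not from the original post or from EdgeOS. It parses the one-line OpenSSH public key format and rejects private key material, mismatched key types and undersized RSA keys; the 2048-bit floor, the function names and the sample key line are assumptions constructed for illustration.

```python
import base64
import struct

MIN_RSA_BITS = 2048  # assumed policy floor, not an EdgeOS requirement

def _string(data):
    """Encode one SSH wire 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def _read(buf, off):
    """Decode one SSH wire 'string' at off; return (bytes, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated key blob")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def inspect_pubkey(line):
    """Return (key_type, rsa_bits_or_None, comment) for one public key line."""
    if "PRIVATE KEY" in line:
        raise ValueError("private key material; upload the .pub file instead")
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(parts[1], validate=True)
    inner, off = _read(blob, 0)
    if inner != parts[0].encode():
        raise ValueError("declared type does not match the key blob")
    bits = None
    if parts[0] == "ssh-rsa":
        _exponent, off = _read(blob, off)
        modulus, off = _read(blob, off)
        bits = int.from_bytes(modulus, "big").bit_length()
        if bits < MIN_RSA_BITS:
            raise ValueError(f"RSA modulus is only {bits} bits")
    return parts[0], bits, parts[2] if len(parts) > 2 else ""

def sample_line(bits):
    """Constructed, non-functional ssh-rsa line with a modulus of the given size."""
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")  # leading 0x00
    blob = _string(b"ssh-rsa") + _string(b"\x01\x00\x01") + _string(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " admin@laptop"

if __name__ == "__main__":
    print(inspect_pubkey(sample_line(2048)))
```

To check a real key, pass the single line read from ~/.ssh/id_rsa.pub to inspect_pubkey.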

HTTPS SSL Certificate

As I mentioned, I’ve been using Let’s Encrypt for all of my HTTPS services. However, it is important to keep in mind that Let’s Encrypt certificates are only good for 90 days. I found a very helpful script to create and manage the certificate lifecycle. Check it out on GitHub: https://github.com/hungnguyenm/edgemax-acme
