Remote desktop with private key
Remote Connection to SSH-based Devices Using SSH KeysOverviewPAM360 allows you to launch remote connections to SSH command-based remote systems directly from the PAM360 web interface through SSH keys. This feature is in addition to its ability to launch remote connections using the corresponding user account's login credentials. To launch remote connections through SSH keys, you need to associate the SSH keys with the required accounts. This document discusses the procedure to achieve this. Show
1. Steps to Associate SSH Keys with AccountsYou can enable remote connections through SSH keys using the option Use private key to login to this account instead of password available while creating an account or an SSH key. However, for the remote connection to work via the private key, you need to associate the SSH keys with the required accounts. There are four different ways of associating keys with accounts before enabling the private key login. Notes: 1. Although it is possible to associate one SSH key with multiple user accounts through the Key Actions >> Associate Keys option, as a best practice, it is recommended to associate only one SSH key per account to preserve data security. 2. We strongly recommend the Map private key to locally, if remote key association fails option only for the cases, where the target server is reachable only through a jump server. PrerequisiteBefore proceeding with the steps, check if the private key option is enabled for the Linux resource type. If not, follow the below steps to enable the option:
1.1 Creating a New SSH Key and Associating it with an Existing Account
Note: Click here this to learn how to create a key from the SSH Keys tab and then associate it with an account. 1.2 Associating an Existing Key with a New AccountYou can still import an existing SSH key created using a key generation tool into PAM360, even if you do not have the SSH Keys tab activated in your environment. Create a new account and add the existing key to it. Follow the below steps:
Note: By design, the user account name and password fields cannot be left empty even when the private key option is enabled. However, you can use the random password generator available beside thePassword field to create a dummy password for an account. 1.3 Associating an Existing Key with an Existing AccountYou can also add an existing key to an existing account usingthe Import SSH Keys option. Follow the below steps:
1.4 Enabling Private Key Login Option For an Existing AccountIf the remote login using private key option is not enabled during the account creation or key association, you can enable the same by editing the account details. Follow these steps to edit the existing account. In the process, select the checkbox Use private key to login to this account instead of password (shown in the below screenshot) to authorize remote connections using SSH keys instead of account credentials. 2. Enabling PKI Authentication Option for Remote Password ResetNote: This step is necessary only if you want to use a particular account to carry out remote password reset. To simply launch SSH connections using SSH Keys, PKI authentication need not be enabled. Use the PKI authentication option to carry out remote password reset through the account which launches remote connection using SSH keys. To enable this option:
|