SSH
Overview
SSH resources allow users to connect to Linux servers via SSH or SFTP. SSH sessions can be accessed through the web portal or via SSH proxy using native SSH clients.
SSH sessions have 3 possible authenticaltion modes
| Authentication Mode | Access Method | Authentication Flow |
|---|---|---|
| Public Key | SSH Proxy Web Console | SSH Session is launched with pre-configured key. User is multi-factored |
| Enter Credentials | Web Console | SSH Session is launched with pre-configured credentials. User is multi-factored. |
| Login Prompt | Web Consolse | User is multi-factored Linux login prompt presented. |
Recorded SSH sessions are only available from the Mamori web portal and via SSH Proxy.
Connecting via a native SSH clients using the ZTNA solution will 2FA and record the TCP access, but it will not record the SSH session.
Connecting via a native SSH clients using the ZTNA solution will 2FA and record the TCP access, but it will not record the SSH session.
Create SSH Login
Click SSH Logins
Click
Set the properties
Field Description Connection Name Your reference for the resource Hostname Target server name or IP address Port Target server port.
Defaults to 22Authentication Mode How to authenticate the user Theme The terminal's color theme Click Save
Grant Access
Manual Grant
- Click SSH Logins
- Find the SSH Login in the grid and click
- Click Manager Assigned Users or Manager Assigned Roles
- For time grants toggled advanced options
- Click on the grantee to add or remove the grant
Setup On-Demand
- Click SSH Logins
- Find the SSH Login in the grid and click
- Click Manage Request Grants
- Click Add Grant
- Enter the grant information
- Click Save
Connecting
Via Web Portal
To connect to a linux server via the web portal
- Login to the Mamori portal
- Click SSH Logins
- Find the SSH Login you want to access
- Click the Connect button
Via SSH Proxy
For instructions on connecting via SSH proxy using native SSH clients, see Access via Proxies - SSH Logins