Safeguard SSH key Authentication support

Dear Community,

I'm currently working with a Safeguard environment running version 8 LTS. We have a scenario where a user accesses an SSH asset using their username and an SSH private key without a password.

During asset onboarding, I added the SSH private key file under the Connection tab, and the Test Connection passes successfully. However, when configuring the Access Request Policy, selecting either None or User Supplied under credential options causes the SSH key authentication to fail.

I’d like to confirm whether this specific scenario—SSH key authentication without a password—is officially supported in the current version of Safeguard, or if a Request for Enhancement (RFE) would be required.

Looking forward to your input or guidance.

Parents
  • Hi,

    The account specified on the Connection tab is what is called a service account on the Asset 
    - This service account is normally used to connect and manage the target Asset Accounts.

    For sessions, you may also enable this service account for session requests if that is what your intended configuration or you can use a managed account for sessions that is different from the service account. 

    Its not clear How you configured the Scope of the Access Request Policy for this SSH access policy but you may need to specify the Asset and Account in the scope.

    SSH Sessions with accounts using SSH Keys is supported from SPP yes.

    Thanks!

Reply
  • Hi,

    The account specified on the Connection tab is what is called a service account on the Asset 
    - This service account is normally used to connect and manage the target Asset Accounts.

    For sessions, you may also enable this service account for session requests if that is what your intended configuration or you can use a managed account for sessions that is different from the service account. 

    Its not clear How you configured the Scope of the Access Request Policy for this SSH access policy but you may need to specify the Asset and Account in the scope.

    SSH Sessions with accounts using SSH Keys is supported from SPP yes.

    Thanks!

Children