<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

Supercharge Your SSH and Kubernetes Resources with Remote Identities

strongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

strongDM, the People-First Access platform that gives technical staff direct access to the critical infrastructure they need to be their most productive, now gives you more authentication flexibility with Remote Identities. This new feature enables you to connect to strongDM resources using the identities of individual users instead of a leased credential.

Remote Identities helps you leverage the native capabilities of your SSH and Kubernetes resources and capitalize on infrastructure workflow investments you’ve already made.

Here’s how.

SSH and Kubernetes Remote Identities in the strongDM Admin UI

What Is the Remote Identities Feature All About?

With Remote Identities, you authenticate to an SSH or Kubernetes resource using the identity of the strongDM user connecting to it instead of strongDM’s standard leased credential method.

In the strongDM leased credential model, users access SSH and Kubernetes resources through a centralized set of credentials. This simplifies credential management and helps prevent credential sprawl while preserving all identity information about the strongDM user accessing your infrastructure in our comprehensive logs.

But, what if you want to take advantage of user profiles and home directories on your servers, or have strongDM users without auditing privileges relying on native Kubernetes logging and RBAC? Remote Identities allows you to leverage these resource-specific features and more.

Ultimately, though, we leave it up to you to choose if you want to use leased credentials or Remote Identities. Understanding the benefits of using Remote Identities can help you decide.

Remote Identity setting for SSH in the strongDM Admin UI

What Are the Benefits of Using Remote Identities?

The Remote Identities feature allows you to extract more value from your SSH and Kubernetes resources by leveraging their native capabilities.

For instance, it’s now easier to do these tasks:

  • Assign Kubernetes permissions at the group level with native Kubernetes RBAC 
  • Include user-specific profiles on your servers
  • Identify specific users associated with processes being executed on multi-tenant systems 

Additionally, you can leverage pre-existing investments in infrastructure processes or workflows (such as native alerting, log aggregation, and SIEM integrations).

Have you already done any of the following?

  • Set up a SIEM aggregation that consumes native logs directly from your resources
  • Establish a local threat identification system that relies on user identities
  • Employ disk and compute quotas on a per-user basis

Remote Identities enables you to keep operating all of these processes within strongDM.

When Does Using Remote Identities Make Sense?

We’ve already highlighted some of the most prominent use cases where authenticating using a remote identity, rather than a leased credential, makes sense. However, let’s recap them here along with a few others:

  • Leveraging user-specific profiles and home directories on servers
  • Enabling targeted identification and cancellation of server processes based on the user
  • Enforcing per-user, per-server quotas on resource usage in multi-tenant systems
  • Leveraging native Kubernetes RBAC
  • Being able to identify specific strongDM users in a resource’s native logs
  • Using local threat identification systems on resources
  • Supporting custom notification, approval, and escalation workflows running on your resources that need to be aware of a user’s identity


New to strongDM? Sign up for our free no-BS demo and discover how our People-First Access platform can work for you.


About the Author

, Head of Product Marketing, has over 20 years of wide-ranging experience in tech, spanning roles in product management, strategy consulting, and business development at companies such as Imperva, NetApp, HP, and several early-stage startups. Before joining the "real world," Norv spent his time roaming the globe and the halls of Johns Hopkins, the University of San Diego, and UC-Berkeley. To contact Norv, reach out through LinkedIn.

logo
💙 this post?
Then get all that strongDM goodness, right in your inbox.

You May Also Like

The difference between SASE vs SD-WAN
SASE vs. SD-WAN: All You Need to Know
SASE is a cloud-based network security solution, whereas SD-WAN is a network virtualization solution. SASE can be delivered as a service, making it more scalable and resilient than SD-WAN. Additionally, SASE offers more comprehensive security features than SD-WAN, including Zero Trust security and built-in protection against Distributed Denial-of-Service (DDoS) attacks.
SASE vs. CASB: Everything You Need to Know
SASE vs. CASB: Everything You Need to Know
In this article, we’ll take a big-picture look at how SASE and CASB solutions fit into the enterprise security landscape. We'll explore the key differences between SASE and CASB and explain how each tool helps ensure enterprise security. You will gain an understanding of how SASE and CASB solutions compare and which might be suitable for your organization.
CyberArk vs. Thycotic (Delinea)
CyberArk vs. Thycotic (Delinea): Which Solution is Better?
In this article, we’ll compare two Privileged Access Management (PAM) solutions: CyberArk vs. Thycotic, with a closer look at what they are, how they work, and which will best fit your organization. We’ll explore product summaries, use cases, pros and cons, PAM features, and pricing to that by the end of this article, you’ll have a clearer understanding of how these PAM tools work and be able to choose the one that’s right for you.
The Access-Productivity Gap Report
We Surveyed 600 U.S. Tech Workers: Here's What We Learned About The Impact of Access on Productivity
We surveyed a total of 600 IT, Security, and DevOps professionals from all over the United States, representing organizations of virtually every size to better understand how access impacts productivity and security.
Summer of Productivity
Can Better Access Make This the Summer of Productivity?
Access is at the heart of security and productivity. Not enough, and productivity drops. Too much, and you become unsecure. Learn how to balance both and cross the Access-Productivity gap.