Add an SSH Server with a Public Key
An SSH server is a combination of a specific SSH destination and the credentials to access it. This guide will show you how to set up an SSH Server with a public key in the Admin UI. Adding a server will take place in both the Admin UI and on the server you are adding to the strongDM network.
Before you begin, you must ensure that the server you are attempting to add is accessible from the strongDM Relay or Gateway. You must have a properly functioning Relay up and running, and it must be able to reach the target server before you can proceed. Setting up a Relay is out of the scope of this guide, but for more information, see Relays.
Log in to the Admin UI and select Servers from the left-hand navigation.
Click the add server button.
On the Add Server dialog, set the following properties in order to configure how the strongDM Relay will connect to the Server via SSH:
- Display Name (Required): Enter a meaningful name for this resource (e.g., 'testserver-01'). This name will show up in the Admin UI.
- Server Type (Required): Select SSH (Public Key).
- Hostname (Required): Enter the hostname or IP address to connect to (e.g.,
testserver-01.example.org). It is imperative that the Relay server can connect to the entry that you choose for Hostname. To verify that it can connect, hop on the Relay server, and from a command prompt, type
$ ping <YOUR_HOSTNAME>. If your Relay can connect to this hostname, you will be able to proceed.
- Port (Required): Enter the port to connect to the resource (default: 22).
- Secret Store: If a secret store integration is configured, select where the credentials for this resource will be stored.
- Username (Required): Enter the username that the Relay will use to SSH with (e.g.,
- Public Key (Required): The public key will be generated automatically after this Server is created or updated. Note that once it is generated, you must append it to the
~/.ssh/authorized_keyson the host.
- Resource Tags (Optional): Assign tags to the Datasource by entering key-value pairs in the format
Click create. The Admin UI will update and show your new server in a yellow state, as it's not quite ready yet.
Click the pencil icon next to the server to re-open the Connection Details dialog. The Public Key field should now contain data.
Next to the Public Key field, click copy to copy the public key to your clipboard.
Open a command prompt on the Server you are adding, and edit the
authorized_keysfile for the user specified in the Server configuration properties:
sudo vi ~/.ssh/authorized_keys
Append the generated public key value to the end of the file, write, and quit.
Back in the Admin UI, click update.
You should see that Server in the list first goes to a gray mode while the configuration is being applied and then goes to a green mode when there is a successful connection.
Once the server is added, you will see it in the Servers section of the Admin UI. If you have multiple Servers to create, follow these steps for each Server.
If any errors occur, please copy them into an email and send them to email@example.com.