Add an SSH Server with a Public Key
An SSH server is a combination of a specific SSH destination and the credentials to access it.
Adding a server will take place in both the Admin UI and on the server you're adding to the strongDM network.
Before beginning, you must ensure that the server you're attempting to add is accessible from the strongDM relay or gateway. You must have a properly functioning relay up and going, and it must be able to reach the target server before you can proceed. Setting up a relay is out of the scope of this guide, but for more information on relays, see this guide.
Login to the Admin UI and choose Servers on the left hand navigation.
In the upper right hand section of the screen, click the 'add server' button. You'll be presented with this dialog:
In this dialog, you're configuring how the strongDM relay will connect to the server via ssh. Make sure the Server Type selected is SSH (Public Key).
Type in a Display Name - this is how the server will show up in the Admin UI---in this case, 'testserver-01'
Enter the hostname or IP address to connect to. It's imperative that the entry you choose for Hostname is one that the relay server can connect to. To verify this, hop on the relay server, and from a command prompt, type:
$ ping <YOUR_HOSTNAME>If your relay can connect to this hostname, you'll be able to proceed---in this case,
The Secret Store field gives you the choice of where the credentials for this cluster will be stored (i.e., strongDM, AWS Secrets Manager, Vault Secret Store, or GCP Secrets Manager).
Type in the Username that the relay will be using to ssh with---in this case, 'vagrant'
If you wish to allow users connecting to this server to be able to use SSH port forwarding, check the Allow Port Forwarding box.
Click the 'create' button. Once this is done, the Admin UI will update and show your new server in a yellow state, as it's not quite ready yet.
Click the 'pencil' icon to right of the server to re-open the 'Connection Details' screen. At the bottom of the dialog, the 'Public Key' field should now contain data.
Click the 'copy' button to the right of the field to copy the public key to your clipboard.
Open a command prompt on the server you're adding and edit the authorized keys file for the user specified in Step 7:
sudo vi ~/.ssh/authorized_keysAppend the value you copied in step 10 to the end of the file, save, and exit.
Back in the Admin UI, click the 'update' button. You should see that server in the list goes to a gray mode while the configuration is being applied, and then to a green mode like this:
Once the server is added, you'll see it in the Servers section of the Admin UI.
If you have multiple servers to create, follow the above steps for each server.
If any errors occur, please copy them into an email and send to email@example.com.