sdm admin servers add
Last modified on May 5, 2025
NAME:
sdm admin servers add - add one or more server
USAGE:
sdm admin servers add command [command options] [arguments...]
COMMANDS:
rawtcp create TCP server
rdp create RDP server
rdp-cert, rdpCert create RDP (Certificate Based) server
ssh create SSH (Public Key) server
ssh-cert, sshCert create SSH (Certificate Based) server
ssh-customer-key create SSH (Customer Managed Key) server
rawtcp
NAME:
sdm admin servers add rawtcp - create TCP server
USAGE:
sdm admin servers add rawtcp [command options] <name>
OPTIONS:
--bind-interface value bind interface (default: "127.0.0.1")
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--hostname value The traffic content is not recorded. (required)
--port value (default: 49150)
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
rdp
NAME:
sdm admin servers add rdp - create RDP server
USAGE:
sdm admin servers add rdp [command options] <name>
OPTIONS:
--bind-interface value bind interface (default: "127.0.0.1")
--downgrade-nla-connections Note: when downgraded, StrongDM cannot verify usernames and passwords for Remote Desktop connections
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--hostname value (required)
--lock-required Require a resource lock to access the resource to ensure it can only be used by one user at a time.
--password value (required, secret)
--port value (default: 3389)
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
--username value (required, secret)
rdp-cert
NAME:
sdm admin servers add rdp-cert - create RDP (Certificate Based) server
USAGE:
sdm admin servers add rdp-cert [command options] <name>
OPTIONS:
--bind-interface value bind interface (default: "127.0.0.1")
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--hostname value (required)
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--lock-required Require a resource lock to access the resource to ensure it can only be used by one user at a time.
--port value (default: 3389)
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
--username value (conditional, secret)
ssh
NAME:
sdm admin servers add ssh - create SSH (Public Key) server
USAGE:
sdm admin servers add ssh [command options] <name>
OPTIONS:
--allow-deprecated-key-exchanges sdm must use TLS to connect
--bind-interface value bind interface (default: "127.0.0.1")
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--hostname value (required)
--key-type value
--port value (required) (default: 22)
--port-forwarding
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
--username value (required, secret)
ssh-cert
NAME:
sdm admin servers add ssh-cert - create SSH (Certificate Based) server
USAGE:
sdm admin servers add ssh-cert [command options] <name>
OPTIONS:
--allow-deprecated-key-exchanges sdm must use TLS to connect
--bind-interface value bind interface (default: "127.0.0.1")
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--hostname value (required)
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--key-type value
--port value (required) (default: 22)
--port-forwarding
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
--username value (conditional, secret)
ssh-customer-key
NAME:
sdm admin servers add ssh-customer-key - create SSH (Customer Managed Key) server
USAGE:
sdm admin servers add ssh-customer-key [command options] <name>
OPTIONS:
--allow-deprecated-key-exchanges sdm must use TLS to connect
--bind-interface value bind interface (default: "127.0.0.1")
--egress-filter value apply filter to select egress nodes e.g. 'field:name tag:key=value ...'
--hostname value (required)
--identity-alias-healthcheck-username value (conditional)
--identity-set-id value
--identity-set-name value set the identity set by name
--port value (required) (default: 22)
--port-forwarding
--port-override value port profile override (default: -1)
--proxy-cluster-id value proxy cluster id
--private-key value The file path of the private key used to authenticate with the server. (required, secret)
--proxy-cluster-id value proxy cluster id
--secret-store-id value secret store id
--subdomain value This will be used as your local DNS address. (e.g. app-prod1 would turn into app-prod1.<your-org-name>.sdm.network)
--tags value tags e.g. 'key=value,...'
--template, -t display a JSON template
--timeout value set time limit for command
--username value (conditional, secret)