Adding Sub SSH User

* It adds system users on remote servers. Enables you to login as those non privileged users remotely instead of root. Make sure to create "Sub SSH User Mapping" for using it.

Click  on the right menu and the Add Sub SSH User form opens up as follows.


  • Username  Specify sub ssh system User name to be created on all remote servers. The user would be added with a bash shell, 15 char long password and, 4096 Bit RSA Key. The remote sub system users are created autmatically when Unamanaged tickbox is checked
  • Groups Specify the unix system group that the remote sub ssh user would belong to. In the below example, the sub ssh user Ben would belong to Unix group wheel and admin so that the sub ssh user ben can perform specific operations that the groups members are allowed to perform such as sudo su etc.





  • Unmanaged  Enabling this will not create the non privileged system user across the remote servers automatically, instead the remote  system user should be created and managed  on the remote servers via  LDAP or other automations ( Ansbile, Chef, Puppet) in which case you can enter the password or ssh private key of the sub ssh user. Note, that you can edit the unmanaged Sub SSH Users.

     



  • NOTE: In order to start using the SUB SSH User feature,  a  system user would be created ( with bash shell, 15 char long password, 4096 Bit RSA Key)  using the above username  on all servers. The gateway users would then login via ssh into the remote servers as these system users which would be as  defined in the Sub SSH  Users Maps. Also, it is recommended  to disable password based authentication mechanism in sshd configuration on target servers as keys based authentication are  more secure.


Delete Sub SSH User

Click under the Actions field.




Setup Sub SSH User

Click on the right menu for adding Sub SSH Users on all servers.





Edit Sub SSH User

Click on the edit icon to modify the unmanaged sub ssh user password and private keys. This is available only for the unmanaged Sub SSH user only.