Table of Contents | ||||
---|---|---|---|---|
|
...
To inactivate an endpoint click the Active link on the desired Endpoint, and it will toggle to Inactive. This will hide that Endpoint after leaving the screen, until the Active checkbox is unchecked. To reactivate an Endpoint, click the Inactive link and it will toggle back to Active. This endpoint is now active in the system again and ready for use.
...
FlexDeploy utilizes SSH to connect to its configured Endpoints . SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user. FlexDeploy supports Creating an SSH Endpoint using Password Authentication or using SSH Keys.FlexDeploy also supports using using Password authentication or SSH public-private keys.
FlexDeploy also supports using privilege escalation with sudo or pbrun (@since 6.5.0.3) for UNIX. See Privilege Escalation and Run as (user) details above.
...
Info |
---|
Flexagon focuses its testing with RSA keys for SSH, since their use is more prevalent by our customers. We therefore recommend using RSA. |
Include Page | ||||
---|---|---|---|---|
|
Password Authentication
Anchor | ||||
---|---|---|---|---|
|
The first mechanism is to use automatically generated public-private key pairs to simply encrypt a network connection, and then use password authentication to log on. In this case you must provide a Username and Password to connect to the endpoint. In this case you must provide a Username and Password to perform authentication.
Unix Example | Windows Example |
---|---|
Info |
---|
MacOS MacOS endpoints are supported using Unix Connection Type. |
Public-Private Key Authentication
Anchor | ||||
---|---|---|---|---|
|
The second technique is to use a manually generated In this case you must use public-private key pair to perform the authentication , allowing the FlexDeploy server to connect to endpoints without having to specify a password. In this scenario, a public and private key pair are generated on the FlexDeploy server. The (password in not required in this case). The private key is kept secretly on the FlexDeploy server by setting the permissions such that only the owner FlexDeploy server can read it (the userid which the FlexDeploy server is running as). The . The public key is copied to all endpoint computers which must allow access to the owner (user running FlexDeploy server) of the matching private key. While authentication is based on the private key, the key itself is never transferred through the network during authentication. SSH verifies whether the same person offering the public key also owns the matching private key. In this case you You must provide the Username, the path to the Private Key File on the server, on Endpoint where public key was copied, and an optional Passphrase (an optional password assigned to the private key when it was generatedat generation time).
...
Creating a Public-Private Key Pair
...
It is typical to use the default file name and location to store the private key (which is in the .ssh subfolder of the user's home directory). You can optionally secure the private key file with a passphrase. It is an SSH requirement that the private key be readable only by its owner (e.g. oracle in the example above). So you must change the permissions accordingly (e.g. chmod 600 /home/oracle/.ssh/id_rsa). You will receive an error at connection time similar to the following if you omit this step.
Permissions 0777 for '/home/oracle/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others otherwise private key will be ignored.
Info |
---|
The /home/oracle/.ssh folder on the endpoint must have drw------- permissions. For example,
|
...