Remote Access Desktop Application (Beta)
The Akeyless Remote Access Desktop Application enables secure and seamless connections to remote resources
The Beta version supports macOS and Windows operating systems
How it works?
- The Desktop Application retrieves connection details from the target item (e.g., MY-MSSQL-connection) and initiates a connection.
- It uses the Akeyless CLI to establish a tunnel, leveraging the SSH certificate configured in the Defaults Configuration window
Important
If you don't have an SSH certificate yet, please follow this guide on creating an SSH Cert issuer with Akeyless and set your
CAPublicKeyin thevaluesfile.You will also need to enable Secure Remote Access on the SSH Cert Issuer either in the UI or by adding the
--secure-access-enabletrue flag to your CLI commandLastly, ensure that the
akeylessuser is added to the list ofAllowed User(s)in the SSH-CERT-Issuer item.
- Upon successfully connecting to the remote target, the Desktop Application launches the default application configured for this resource type.
Info
Applications such Azure Data Studio, WindowsApp, DBeaver, Putty, etc should already be installed on the local machine where the desktop application is installed.
Setup
Windows Setup
-
Open Windows command line as an Administrator and generate Private & Public SSH keys locally. You can use the following command:
ssh-keygen -t rsa- This will create an .ssh folder with the respective
id_rsaandid_rsa.pubfiles.
- This will create an .ssh folder with the respective
-
Execute the Desktop Application Setup as an Administrator → The Desktop Application will be installed at
\Users\<username>\AppData\Roaming\Akeyless-desktop
MacOS Setup
- After downloading the appropriate installer file, locate it in your
Downloadsfolder or the directory you specified. - Double-click the installer file (.
dmg) to open it. You may need to wait while macOS verifies the file. - In the installer window, drag the application icon to the Applications folder. This will copy the application to your system.
- The Desktop Application will be installed at:
\Users\<username>\Library\Application Support\Akeyless-Desktop
- Navigate to the Applications folder and double-click the application to launch it.
The installation folder contains the following:
config.json - the configuration file (includes the basic configuration parameters required to launch the desktop application). This file can be deployed by the Admin across the organization
Logs - can be found at \Akeyless-desktop\logs
Configuration
Defaults Configuration
When connecting to a remote target, the Desktop Application fetches the required parameters from the item (as Gateway Name, port, SRA address, etc).
However, there are several parameters that needs to be define prior working with the desktop application:
- Cert Issuer - This is the name of the SSH Certificate Issuer the Akeyless CLI will use to initiate the connection
- Web Application Dispatcher & Web Proxy URL - Should be provided if working with Zero trust Web Access solution (ZTWA)
Application Mapping
Resources types listed in the application should be mapped to applications. When using mapped application, the Desktop application launches the native application and injects the secret.
The steps in the process are as follows:
Step 1 - Connect to a Resource
When trying to Connect to a resource a popup message appears asking to map an application
Step 2 - Map Resources
Desktop Application supports different types of application mapping:
- Native Applications - The below native clients are supported by the Desktop Application.
| Operating System | Resource | Application Type | Comments |
|---|---|---|---|
| Windows | MSSQL Server | Azure Data Studio | |
| RDP | Remote Desktop | ||
| Postgres DB | DBeaver | ||
| SSH Cert Issuer | OpenSSH Client | ||
| SSH username & password | Putty | Specify Port 2022 | |
| SSH File Transfer | WinSCP | ||
| Powershell | Putty | PS Tag should be configured on the secret item | |
| Direct Connection / Secure Remote Access | Default Browser | ||
| MacOS | MSSQL Server | Azure Data Studio | |
| Postgres DB | DBeaver | ||
| RDP | WindowsApp | ||
| SSH Cert Issuer | OpenSSH Client | ||
| SSH username & password | OpenSSH Client | ||
| Direct Connection / Secure Remote Access | Default Browser |
- Custom Application - The user can decide which application to launch for different resource types by adding the full path to the application.
- Connection String - The Desktop application provides a connection string to launch the application (can also include the username & password OR hide it)*.
NOTE:
- This list is limited due to the application still being in Beta.
- It is advised to click the Disconnect button in the Desktop Application to close the launched application which will close the application and tunnel.
Step 3 - Connecting to a target with Multiple hosts / Linked Target
- Select the target with multiple hosts and process on Select Host(s)
- Add the host(s) you would to connect to and press
Confirm. The selected host will be added to the list. - Now you can Connect each one of them.
NOTE - Removing host from the list only removes it from the list of hosts in the desktop application.
Updated 15 days ago