SSH Target

The Targets defines the endpoint for a rotated secret, and includes the credentials for securely connecting to the target to change service account credentials.

👍

You can use the same target for multiple rotated secrets.

For example, for a virtual machine, create an SSH target with the following details:

  • The hostname of the VM
  • The connection port (by default, 22)
  • The username for connecting to the VM to update service account credentials
  • The credentials for the user, usually a password or private key

You can define an SSH target to be used with SSH rotated secrets.

Create an SSH Target from the CLI

To create an SSH target from the CLI, run the following command:

akeyless create-ssh-target \
--name <Target name> \
--host <SSH hostname> \
--port <SSH port> \
--ssh-username <SSH username> \
--ssh-password <SSH password>

Where:

  • name: A unique name of the target. The name can include the path to the virtual folder where you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

  • host: The SSH hostname.

  • port: The SSH port.

  • ssh-username: The SSH username.

  • ssh-password: The SSH password.

You can find the complete list of parameters for this command in the CLI Reference - Akeyless Targets section.

Create an SSH Target in the Akeyless Console

  1. Log in to the Akeyless Console, and go to Targets > New > SSH Target.

  2. Define a Name of the target, and specify the Location as a path to the virtual folder where you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

  3. Define the remaining parameters as follows:

  • Hostname ,Port and Username to set up the connection.

  • Authentication Type: In this section, you can select the preferred type of authentication with the SSH server either SSH Key or Password

    • Select the SSH Key radio button to authenticate with the Private Key and an optional Passphrase.

    • Select the Password radio button to authenticate with the password.

Set the following details accordingly:

  • Private Key: Provide an SSH private key.

  • Private Key Passphrase: Enter a passphrase for the SSH key.

  • Password: Provide a password for the above-mentioned username.

  • Protection key: To enable Zero-Knowledge, select a key with a Customer Fragment. For more information about Zero-Knowledge, see Implement Zero Knowledge.

  1. Click Save.

Did this page help you?