SSH Keys rotation
For SSH Keys, senhasegura can use the same operation workflow described for passwords change. The difference is just the screens and menus used to manage SSH Keys.
As credentials using usernames and passwords, SSH Keys should be related to devices.
- Access the menu PAM Core ➔ SSH Keys ➔ SSH Keys to get access to all SSH Keys registered.
- Click at the report action button New and fill the following fields:
- At the Information tab:
- Username (key owner): Operation system user owner of the key
- Device: Device where the SSH Key is installed
- Key name: A alias for internal senhasegura identification
- Key path: The physical location of the key inside the device file system
- Status: Flag if the key is able for use inside senhasegura
- Tags: User defined tags for data segregation and filters inside senhasegura
- At the Key data tab:
- Set current password: Checkbox to define manually the current key password
- Show password: Checkbox to define if the password field will display the plain-text password without mask
- Password: Input the current password
- Private key: Input the plain-text private key value as PEM format
- Public key: Input the plain-text public key value
- At the Addition settings tab:
- Enable automatic change: Check if you want to senhasegura enable this key to be automatically changed
- Use the key itself to connect: Check if you want to use the key itself to authenticate the target SSH session
- Credential or SSH key for authentication: If you choose to not use the key itself for authenticate, you can choose another credential to execute the change process
- At the Devices tab you can link all devices which this key is published. So senhasegura will replace the key at the owner device and echo the public key into the related devices;
Finished the SSH Key registering, you can execute a change operation request as explained earlier.