Use SSH Keys

SSH keys can be used for authentication rather than user names and passwords. At startup, BeyondInsight for Unix & Linux (BIUL) creates a new keypair if there isn’t one in the system.

BIUL maintains one active key at a time.

Deploy an SSH Key

You can deploy a key to one or more servers by using the Actions menu.

Credentials imported from Password Safe cannot use the BIUL SSH key for authentication.

To deploy SSH keys:

1. Go to the Hosts > Host Inventory page.
2. Select one or more hosts:
   • Single host: Select the host, and then at the far right, click the ellipsis menu icon and select Deploy SSH Key For Authentication.
   • Multiple hosts: For all hosts you want to deploy an SSH key to, check the boxes on the left of the hostnames. From the Actions menu, select Deploy SSH Key For Authentication.
3. Select a credential from the list.
4. Click Deploy SSH Keys. The current active SSH key is added to the user's authorized keys (~/.ssh/authorized_keys file) on the selected hosts.

Download a Public Key

You can download the public key to use external to BIUL, for instance, by adding the key to a virtual machine template.

1. Go to the Hosts > SSH Keys page.
2. Click Manage SSH Keys, and then select Download Public Key.

Rotate a Public Key

You can rotate the SSH key and push to known hosts already using a key.

1. Go to the Hosts > SSH Keys page.
2. Click Manage SSH Keys, and then select Rotate SSH Key.
3. Select one of the following:
   • Deploy To Latest: Push the new key to hosts that are known by BIUL to be using the most recent active key.
   • Deploy To All: Push this key to all hosts that BIUL has pushed keys to before.
4. Click Rotate SSH Key.

Disable a Key

You can disable the SSH key.

1. Go to the Hosts > SSH Keys page.
2. Select one or more keys in the list.
3. From the Actions menu, select Disable Keys.
4. To confirm the action, click Disable.