The shared key feature in Bastionhost allows you to host private keys for logging in to hosts. You can share these hosted keys across multiple host accounts to centralize management and improve O&M efficiency. This topic describes how to create and manage shared keys in Bastionhost.
Create a private key and associate host accounts
You can create a private key in Bastionhost and associate it with one or more host accounts. Once associated, the private key acts as a shared key for the associated hosts. During host O&M, Bastionhost prioritizes the shared key for authentication.
Log on to the Bastionhost console. In the top navigation bar, select the region where your Bastionhost instance is located.
In the list of Bastionhost instances, find the target instance and click Manage.
In the navigation pane on the left, choose .
On the Shared Key page, click Create Private Key.
In the Create Private Key panel, enter a Name, the Private Key, and an Encryption Password.
Note: For the Private Key field, you can enter an RSA or Ed25519 key generated using the ssh-keygen command.
Click Create, and in the Completed section, click Associate Host Account.
In the Associate Host Account dialog box, select the host accounts that you want to associate. Then, click Associate in the lower-left corner or in the Actions column of a target host account, and click OK.
If you do not associate a host account when creating the private key, you can associate it later from the Actions column for the key in the private key list.
Note:
- Shared keys can only be associated with host accounts that use the SSH protocol.
- A shared key can be associated with multiple host accounts, but each host account can be associated with only one shared key.
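The note in the creation steps says the Private Key field accepts an RSA or Ed25519 key generated with ssh-keygen. The shell functions below are an added example, not part of the Bastionhost documentation: they generate a passphrase-protected Ed25519 key and check locally that a key file is of an accepted type and decrypts with the password you intend to enter. The function names, the key comment, and the assumption that the Encryption Password is the key's ssh-keygen passphrase are illustrative.

```shell
#!/bin/sh
# Added example: prepare and pre-check a key for the Create Private Key panel.
# Assumption: the "Encryption Password" field is the passphrase set with -N.

# gen_shared_key FILE PASSPHRASE
# Create a passphrase-protected Ed25519 key pair (FILE and FILE.pub).
gen_shared_key() {
    ssh-keygen -q -t ed25519 -N "$2" -C "bastionhost-shared-key" -f "$1"
}

# check_shared_key FILE PASSPHRASE
# Returns 0 and prints "<type> <SHA256 fingerprint>" when the private key
# decrypts with PASSPHRASE and is RSA or Ed25519 (the types the note lists).
# Returns 1 if the key cannot be read, 2 if the key type is not listed.
check_shared_key() {
    # -y derives the public key, which only works if the passphrase is right.
    pub=$(ssh-keygen -y -P "$2" -f "$1" 2>/dev/null) || {
        echo "cannot read key: wrong passphrase or not a private key" >&2
        return 1
    }
    case "${pub%% *}" in
        ssh-ed25519|ssh-rsa) ;;
        *) echo "key type not listed as accepted: ${pub%% *}" >&2; return 2 ;;
    esac
    # Record the fingerprint so the hosted key can be matched to the
    # authorized_keys entries on the associated hosts later.
    fp=$(printf '%s\n' "$pub" | ssh-keygen -l -E sha256 -f - | awk '{print $2}')
    printf '%s %s\n' "${pub%% *}" "$fp"
}
```

Passing the passphrase as an argument exposes it to local process listings; on a shared workstation, omit -N and -P and let ssh-keygen prompt instead.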
Edit a private key
You can edit a private key to update its basic information or manage its associated host accounts.
Log on to the Bastionhost console. In the top navigation bar, select the region where your Bastionhost instance is located.
In the list of Bastionhost instances, find the target instance and click Manage.
In the navigation pane on the left, choose .
In the private key list, locate the key to modify and click Edit in the Actions column.
In the panel that appears, edit the private key.
- On the Basic Information tab, modify the Name, Private Key, or Encryption Password. After you make the changes, click Update.
  Note: After you update the basic information, the Last Modified At value in the private key list is updated to the time of the modification.
- On the Host Account tab, add or remove associated host accounts.
  - Add an association: Click Associate Host Account. In the Associate Host Account dialog box, select the host accounts that you want to associate, click Associate in the lower-left corner or in the Actions column of a target host account, and then click OK.
  - Remove an association: In the list of associated host accounts, click Disassociate in the Actions column for the desired account.