Skip to main content

Host States

A host in the managed environment can be in the monitored, managed, or suspended state. When a host enters the managed environment, it is initially in a monitored state.

A host in the managed environment may be in one of the following states:

  • Suspended: Key Manager does not establish management connections to suspended hosts, and any management operations requiring a connection (such as automatic host scans, and key actions) are therefore disabled as well. The only management actions allowed on suspended hosts are those that do not require access to the host (such as host-group actions, tagging, and modifying host settings). A host can be set to this state to ensure that Key Manager does not modify the host in any way. Because automatic host scans are disabled on suspended hosts, information such hosts and their keys may be out of date.

  • Monitored: This can be regarded as a 'read-only' state for the host. Management actions that write to the host (actions that add, modify, or remove SSH keys or SSH configurations) are disabled on monitored hosts. Hosts can be set to this state to ensure that Key Manager does not write changes to the host. Monitored host can be scanned to detect manual changes in SSH keys and SSH configurations.

  • Managed: All management actions are enabled on the host. Any SSH keys that are discovered during a host scan are marked as unmanaged.

Additionally, a host may be in the available, externally monitored, or created state:

  • Available: The host is recognized by the Key Manager system. but it is not part of the managed environment. The host exists in the Key Manager Database but it cannot be scanned or managed in any way.

    If the host was put in Available state because of the initial full scan job failing during host deployment, you may retry the deployment directly by issuing a Deploy action for the host.

  • Externally monitored: The host data has been imported by running the scan tool on the host, and importing the resulting file to Key Manager. The host is in read-only state, and can only be managed by deploying it first as a conventional agentless or agent-managed host, bringing it to monitored state, from which it can then be moved to managed state.

  • Created: The host has been added to Key Manager's database without scanning it. The host exists only as a placeholder object, waiting to be scanned. The scan will then populate the host with actual data, and move it to monitored, or externally monitored state.