Skip to main content

Modifying SSH Configurations

SSH configurations should be modified via Key Manager. However, sometimes an SSH configuration file gets modified locally in the host. When the assigned configuration is not the same as the configuration that is deployed on the host, Key Manager considers it a configuration mismatch. This situation arises if either a Key Manager admin assigns a new, or modified, configuration to Key Manager but does not deploy it, or if the configuration was locally modified on the host outside Key Manager. The first mismatch will have a pending-deployment status. The latter mismatch will be noticed during the next host scan, and the configuration will be marked as not-up-to-date (locally modified).

In the case that a Key Manager administrator has made modifications to an SSH configuration file in Key Manager (by clicking View on the SSH configuration entry, and then Edit), first the administrator must assign the SSH configuration to the hosts. Then, to update the SSH server's configuration file, the administrator must deploy it to the hosts. For more information on deploying SSH configuration to hosts, refer to Deploying SSH Configurations to Hosts.

In the case that an SSH configuration file has been edited locally in a host, Key Manager will issue:

  • an alert stating that Managed configuration was locally modified

  • in the host's details panel's SSH software section in SSH servers Deployed configurations a Locally‑modified status

    tip

    Clicking the status will open documentation about modifying SSH configurations. You can view the SSH configuration in question by clicking the View config link.

In this case the Key Manager administrator can either accept the modified SSH configuration by assigning it to the hosts, or restore the SSH configuration file existing in Key Manager by deploying it to the hosts.

Accepting a Locally Modified SSH Configuration to Hosts

In cases that the local modifications to SSH configuration are acceptable, you can accept them by assigning the configurations as follows:

  1. On the host's details panel's SSH servers section click on the Deployed configurations entry.

  2. On the SSH configuration's menu choose Manage.

  3. Click Clear to remove the filter options.

  4. In order to assign the SSH configuration to the hosts, on the managed SSH configuration's menu choose Assign, and click Confirm.

Deploying an Existing SSH Configuration to Hosts

If you want to deploy the SSH configuration file existing in Key Manager's database to the hosts, and override the changes made to the SSH configuration file locally on the host do as follows:

  1. On the host's details panel's SSH servers section click on the Latest pending deployment configurations entry.

  2. In order to deploy it to the hosts, on the SSH configuration entry's menu choose Deploy, and click Confirm.