Skip to main content

Readying a Host for Zero Trust Connections

To be able to make SSH connections to the target hosts using Zero Trust, you must first deploy the host to PrivX.

  1. Log in to the PrivX GUI. Navigate to Administration→Deployment→Deploy and Configure SSH Target Hosts.

  2. Select the option Configure Using a Deployment Script.

  3. Click Add Script. Download the deploy.py script when prompted to.

  4. Copy the script to the target host, and run the script as root, using the --standalone, and --delegated-principals option, adding the target users in as a comma separated list:

    # deploy.py --standalone --delegated-principals user1,user2,user3
    note

    The added users will be available target users for authorizing into the target host using Zero Trust.

To verify that the server is properly added to PrivX: in PrivX UI, locate the newly added server, verify the accounts and match the Hostname, IP addresses and SSH target for the PKM known ones.

On the list of accounts you should see the explicit usernames that you added via the deployment script