Key Manager System Architecture
Figure 3.1. PrivX Key Manager components
A Key Manager deployment consists of the following:
- One Key Manager Database
- One to several Key Manager back ends.
- One to several Key Manager front ends.
Key Manager back end
Key Manager back ends run the management engine, and communicate with the hosts in the managed environment. Key Manager back ends perform key-management operations on the hosts in the managed environment via a SSH-encrypted management connection.
Key Manager front end
Key Manager front ends provide the Key Manager administrative interfaces, including the Graphical User Interface (GUI), the Application Programming Interface (API), and the command-line client. The administrative interfaces are served by an nginx web server over TLS-protected connections. We recommend to have a dedicated host for the command-line client instead of having Key Manager operators using it directly on Key Manager servers.
Key Manager Database
The Key Manager database stores the management data, such as user and trust-relationship information, job logs, system audit trails, and so on. Critical data in the database (passwords and passphrases) is encrypted. Connections between the database and other Key Manager system components can be encrypted using TLS.
More precisely, the Key Manager Database stores the following information:
- the host environment structure
- host information
- host public keys
- SSH server configurations
- SSH user key authorizations
- administrator audit logs
- permissions
- licenses
- settings
Key Manager agent
A software component called the Key Manager agent can be installed onto the hosts. Hosts equipped with a Key Manager agent contact the Key Manager system regularly for key management.
The Key Manager back end can also connect to hosts using agentless connections, which does not require an agent to be present on the target host.