
How Bravura Security Fabric manages SSH public keys for accounts

Bravura Privilege can be configured to control access to accounts on Unix servers by using temporary SSH trust relationships.

The following mechanisms are used to manage SSH public keys:

  • Auto-discovery of SSH public keys and authorized keys for accounts on Unix servers.

  • Connector operations for SSH public key injection and removal.

  • Default access disclosure plugin for connecting to the server using SSH keys.

  • Check-out and check-in failure retries if servers cannot be reached.

These mechanisms are used when Unix managed systems are integrated with Bravura Privilege in "push mode".

You can select accounts to be used for accessing files or running commands on a Unix server. Users can check out these accounts using their SSH public key. At check-out time, the user's public key is added to the server, and at check-in time, it is removed.

Users must have their SSH public keys in their profile when using SSH keys to check out accounts.
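
Because a check-in can fail when a server is unreachable, it is useful to confirm independently that temporary keys really were removed. The following is an added example, not Bravura code or part of the product: a Python audit that parses an account's authorized_keys content, fingerprints each key, and reports any key that is neither permanent nor tied to an open check-out. The function names, the baseline and checked-out fingerprint sets, and the sample keys are all assumptions constructed for illustration.

```python
import base64
import binascii
import hashlib
import struct

def fingerprint(blob):
    """OpenSSH-style SHA256 fingerprint of a raw public key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_key_line(line):
    """Return (key_type, fingerprint, comment), or None if no key is found."""
    fields = line.split()
    # Options such as from="..." may precede the key type, so accept the first
    # token pair where the type name embedded in the blob matches the token.
    for i in range(len(fields) - 1):
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except (binascii.Error, ValueError):
            continue
        name_len = int.from_bytes(blob[:4], "big")
        if blob[4:4 + name_len] == fields[i].encode():
            return fields[i], fingerprint(blob), " ".join(fields[i + 2:])
    return None

def leftover_keys(authorized_keys_text, baseline, checked_out):
    """Report keys that are neither permanent (baseline) nor checked out."""
    allowed = set(baseline) | set(checked_out)
    findings = []
    for n, line in enumerate(authorized_keys_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parsed = parse_key_line(line)
        if parsed is None:
            findings.append((n, "unparseable", line[:40]))
        elif parsed[1] not in allowed:
            findings.append((n, parsed[1], parsed[2]))
    return findings

def constructed_key(label):
    """Constructed sample: a well-formed ssh-ed25519 line with fake key bytes."""
    raw = hashlib.sha256(label.encode()).digest()
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + label

ADMIN, ALICE, BOB = (constructed_key(n) for n in ("backup-admin", "alice", "bob"))
SAMPLE = "# constructed\n" + ADMIN + '\nfrom="10.0.0.5",no-pty ' + ALICE + "\n" + BOB

if __name__ == "__main__":  # alice has an open check-out; bob's key was left behind
    print(leftover_keys(SAMPLE, {parse_key_line(ADMIN)[1]}, {parse_key_line(ALICE)[1]}))
```

An empty result means every key on the account is accounted for; any finding is a candidate for a retried check-in or manual removal.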