Skip to main content

Use case: Using SSH keys to check out a single account

This example demonstrates the typical workflow steps followed when regular users request to check out a managed account using their SSH keys.

Request the check-out

  1. Log into the Front-end (psf) as a regular user.

    The user should already have SSH public keys in the profile .

  2. Click Privileged access to open the Privileged access app.

  3. Click Accounts under the PRIVILEGED ACCESS heading to display the available accounts in the Results panel.

  4. From the Results panel select the account you want to check out.

  5. Click Request check-out in the Actions panel.

  6. Review the required information for the request.

  7. Select ’SSH key’ for Operation to perform for check-out and check-in.

    26589.png

  8. Select a SSH public key file from your profile for SSH public key to add to account.

  9. Click Submit at the bottom of the form.

    Bravura Security Fabric issues the request, notifies the appropriate authorizers, and displays the a summary of the details in the Actions panel.

    You can click on the various links under the REQUESTS heading in the Filter panel to view your request status.

    26590.png
Authorize the request

To authorize the request:

  1. Log into the Front-end (PSF) as an authorized user. In this example, you can see in the details of the request, the authorizer is Abel Malone.

  2. Click You have 1 request(s) awaiting your approval. This will open the Requests app.

  3. Click Active under the REQUESTS heading to display the active request.

  4. Select the request you want to review from the Results panel.

    The details will appear in the Actions panel for you to review.

    26591.png

  5. Click Approve.

    You have the option to include some notes in the approval.

  6. Click Approve again.

Check out the managed account

Once the request has been approved, you can check-out the account:

  1. Log into the Front-end (PSF) as the requester again.

  2. Click the link Your privileged access request has been approved.

  3. Select the request from the Results panel if it is not pre-selected.

  4. Click Check out in the Actions panel. Wait for the check-out operation to finish. During this time, Bravura Security Fabric is attempting to add your SSH public key to the SSH server.

    26592.png

  5. If the check-out operation failed, Bravura Security Fabric will automatically attempt to check out the account again after a certain amount of time. Alternatively, you can click Check-out retry to try checking it out again now.

    26593.png

  6. Once the check-out operation is successful, the Privileged access app will display the PuTTY over SSH access disclosure plugin.

    26594.png

  7. To connect to the SSH server and access the managed account, click PuTTY over SSH.

    The user is connected using SSH key authentication.

Check the account back in

Once you have finished using the account, check it back in.

Click Check in in the Actions panel.

Bravura Security Fabric removes your SSH public key from the SSH server and checks the account back in.

In this section: