Bastionhost provides the shared key feature. This feature allows you to create a private key and associate the key with multiple host accounts at a time. This way, you can manage host accounts in a more efficient manner. You can edit the basic information about a private key. You can also associate a private key with host accounts or disassociate it from the associated host accounts. This helps you better perform O&M tasks. This topic describes how to create a private key and edit the information about a private key.

Background information

If you want to use a key pair to connect to assets, you can upload the private key to your bastion host instance and deploy the public key on hosts. Then, you can use the shared key feature to create the private key and associate it with different host accounts.

Create a private key

You can create a private key and associate it with one or more host accounts on your bastion host instance. After you associate the private key with one or more host accounts, the private key becomes the shared key of the associated hosts. The shared key is preferentially used to log on to the hosts on which you want to perform O&M operations.

Step 1: Create a private key

  1. Log on to your bastion host. For more information, see Log on to the console of a bastion host.
  2. In the left-side navigation pane, choose Assets > Shared Key.
  3. On the Shared Key page, click Create Private Key.
  4. In the Create Private Key dialog box, specify Name, Private Key, and Encryption Password.
    Note In Private Key, you can enter only a Rivest-Shamir-Adleman (RSA) key that is generated by using the ssh-keygen tool.
  5. Click Create.
    The new private key appears in the list of shared keys.

Step 2: Associate the new private key with host accounts

Note
  • You can associate a shared key only with the host accounts whose protocol is set to SSH.
  • A shared key can be associated with multiple host accounts, but a host account can be associated with only one shared key.
  1. On the Shared Key page, find the private key in the private key list, and click Associate Host Account in the Actions column.
  2. In the Associate Host Account dialog box, select the host account to which you want to associate the private key and click Associate in the lower-left corner or in the Actions column of the host account.
  3. Then, click OK.

Edit the information about a private key

You can modify the basic information about a private key on the Basic Information tab. You can also associate a private key with a host account or disassociate the private key from a host account on the Host Account tab.

  1. Log on to your bastion host. For more information, see Log on to the console of a bastion host.
  2. In the left-side navigation pane, choose Assets > Shared Key.
  3. In the private key list, find the private key for which you want to modify the information and click Edit in the Actions column.
  4. In the dialog box that appears, edit the information about the private key.
    • On the Basic Information tab, modify the Name, Private Key, and Encryption Password parameters. After you modify the parameters, click Update.
      Note After the basic information about the private key is updated, the Last Modified At column of the private key in the private key list displays the time when the information about the key was last modified.
    • On the Host Account tab, associate the shared key with a host account or disassociate the shared key from a host account.
      • Associate the shared key with a host account: Click Associate Host Account. In the Associate Host Account dialog box, select the host account to which you want to associate the key and click Associate in the lower-left corner or in the Actions column of the host account. Then, click OK.
      • Disassociate the shared key from a host account: In the Actions column of the host account from which you want to disassociate the key, click Disassociate.