Bastionhost provides the key management feature. This feature allows you to create keys and associate the keys with multiple host accounts at a time. This way, you can manage host accounts in a more efficient manner. This topic describes how to use the key management feature.

Background information

If you want to use Bastionhost to save your private keys, you can deploy key pairs on hosts. Then, you can use the key management feature to create a shared key and associate the shared key with different host accounts.

Step 1: Create a key

  1. Log on to your bastion host. For more information, see Log on to a bastion host.
  2. In the left-side navigation pane, choose Assets > Keys.
  3. On the Keys page, click Create Key.
    Note You can enter only a Rivest-Shamir-Adleman (RSA) key that is generated by using the ssh-keygen tool.
  4. In the Create Key panel, configure Key Name, Key, and Encryption Password.
  5. Click Create.
    The key that you created appears on the Keys page.

Step 2: Associate the key that you created with a host account

  1. Log on to your bastion host. For more information, see Log on to a bastion host.
  2. In the left-side navigation pane, choose Assets > Keys.
  3. On the Keys page, find the newly created key and click Associate Host Account in the Actions column.
    Note You can associate the key only with the host accounts whose Protocol is set to SSH.
  4. In the Associate Host Account dialog box, select the host with which you want to associate the key.
    Note You can associate a shared key with multiple host accounts. You can bind a host account to only one shared key.
  5. In the lower-left corner, click Associate.
  6. Click OK.
    After you associate the key with the host account, the key becomes the shared key of the associated host. The shared key is preferentially used to log on to the host on which you want to perform O&M operations.