cr314 Contributor.
Contributor.
470 views

How to enable the Key Checkout for Shared Key

Hello everyone,

I have PAM 3.2.0-4 installed in a RedHat Server, I'm trying to enable the Key Checkout for Shared Key, I followed the steps mentioned in "Privileged Account Manager™ 3.2 Administration Guide" document without any success.

I'm looking for access to one server using a ssh key.

Could you help me please to solve this issue?.

Thanks in advance,

Regards.
0 Likes
2 Replies
Micro Focus Expert
Micro Focus Expert

Re: How to enable the Key Checkout for Shared Key

Hey there, I suspect the issue you are having when following documentation steps is the Command you created is possibly missing "<Keys>*" as well as "KEY_SSH Key" .. Otherwise, I'll demonstrate below the required steps to configure this use-case within PAM.

From the Enterprise Credential Vault:

1) Create a Shared Key Domain: see Creating Shared Key Domain.

2) Add Shared Key(s): see Adding Shared Keys.


From the Command Control Console:

1) Create a cmdctrl rule to enable key checkout for the shared key domain you created above: see Enabling the Key Checkout for Shared Key.

- Command example for SSH Key type would include the following two commands:
<Keys>*
KEY_SSH Key

Note: Apply this command as a rule condition to the cmdctrl rule created. For more details, please refer to Setting Conditions for a Rule.

- CmdCtrl rule with the command rule condition(s) applied.
Note: Other details about this cmdctrl rule configuration can be found in above link for step 1.
0 Likes
cr314 Contributor.
Contributor.

Re: How to enable the Key Checkout for Shared Key

It's working, thanks
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.