Managing Remote Access Keys

You can use Harmony Connect Application-Level to manage your SSH keys when you configure your SSH applications.

To configure connectivity to an SSH server within your network, configure the server's account name and either a password or a private key to use for authentication to the server.

To configure user authentication to the server, you can choose to authenticate with a short-lived token or with a public-private key pair. Both are issued and managed internally. The keys are rotated periodically and can be manually revoked at any time.

All sensitive data (private keys and passwords) is stored in the Corporate Applications secure internal storage, which uses HashiCorp's Vault. Data is encrypted with encryption keys that are stored and managed by the same secure storage. All traffic is encrypted in transit with mutual TLS 1.2. Certificates for these communications are managed internally by Corporate Applications PKIs and rotated periodically.

These keys support rotation so that they are available for change on demand. All master keys are protected in cloud KMS and are hardware-backed in an HSM. For more information, see Cloud KMS FAQ.

Access to Corporate Applications internal storage is protected using the highest industry standards.

Access is permitted only from a single isolated location through a mutual TLS connection. In addition, the Application Access internal storage has aggressive access permissions.