SSH Connection Methods
Harmony Connect Application-Level allows Privilege Access Management through Harmony Connect Application-Level system.
With Harmony Connect Application-Level SSH connectivity and management, administrators can:
-
Manage Permissions:
-
Access permissions are managed by user identities (synced with your IDP)
-
Segmented access only to selected servers
-
Terminate active sessions in real-time
-
-
Get Visibility:
-
Activity log for every connection
-
Detailed list of all commands ran by a user in a session
-
-
Avoid Managing Keys:
-
Instead of users holding keys to all servers (or vice versa: servers holding all user keys), with Harmony Connect Application-Level, both may only hold a single key, while access decisions are determined logically. Read more about it below.
-
-
Allow Better User Experience:
-
Native and seamless user experience
-
Users hold a single connection key to all servers
-
Connection between the User and Harmony Connect
This connection method is determined by the user.
Users have two options in connection to Application Access:
-
One-time password:
Users are able to connect to Application Access with an OTP, which is fetched for every access from their Infinity Portal.
-
User key:
Harmony Connect allows users to hold a private, non-transferable key to serve as a connection method to Application Access. This key can be downloaded from the User Portal App, and can be revoked and regenerated in any given time.
To read more about user connection methods to Harmony Connect Application-Level, refer to SSH (Linux) Server Access.
Connection between Harmony Connect and the Server
Administrators are able to connect SSH servers to Harmony Connect Application-Level with two methods:
-
Upload server key/password:
Upload a server key/password and connect it to a specific account. When connecting to Harmony Connect Application-Level with any of the methods above, users are automatically and seamlessly connected to the configured account.
You can read about Harmony Connect Application-Level security standards for key and passwords storage in Managing Remote Access Keys.
-
Establish direct access:
Once users are connected to Harmony Connect Application-Level, allow direct access to the server with a login to the machine using their own account credentials.
Seamless User Connectivity
For any of the above options, the user experience is seamless for the end user. In one or two commands ran in their native computer client, users are connected to the server and are able to work seamlessly.
Access permissions are determined logically in Harmony Connect and do not affect the user experience.