Using the Access Client, you can access SSH servers in an SSH range using the SSH Range Application and get all the capabilities for SSH command visibility.
The SSH Range Application allows administrators to configure an IP range or a DNS wildcard that has multiple SSH servers. Atmos Agent users with access to the SSH application can now access all the servers in all their SSH ranges without going to the User Portal. Every SSH command is available in the Insights Dashboard and log export. Using this approach removes the administration of defining a single SSH application for each individual server.
This is a limited release feature.
For more information contact Axis Security Support: [email protected]
This feature is only supported when you have a single set of credentials for each user to connect to all your servers in the SSH range. If you have a different private key for each user for each one of your SSH servers or use different credentials for user login into these SSH range, this feature is not supported.
SSH servers can be accessed using three types of Axis applications:
- SSH Application: Provides clientless access to a single server, with full command visibility for a single SSH server.
- Network Range Application: Provides Atmos Agent access to a server range, without command visibility for multiple SSH servers.
- SSH Range Application: Provides Atmos Agent access to a server range with full command visibility. It can be used in cases where the user uses the same credentials when connecting to each server in the SSH range.
The command visibility is optional and can be turned off using the SSH security profile.
The following table summarizes the ways you can use an SSH application.
Table 1: SSH Application Use Cases
|Use Case||SSH Application||Network Range||SSH Range Application|
|Support clientless access||Yes||No||No|
|Define multiple servers in one application||No||Yes||Yes|
|Provide SSH command visibility ||Yes||No||Yes|
|Use different credentials for each server||Yes||Yes||No|
The user needs to upload their credentials: username and password or user name and private key in the User Portal. See Connecting to an SSH Range Application.
For information on the requirements needed to enable ICMP, click here.
For information on which ICMP commands are supported, click here.
Obtain the SSH range for your SSH servers to which you want to provide access.
To deploy an SSH Range Application:
Updated about 1 year ago