Create an SSH application and configure it with settings that define how end
users interact with the remote application environment.
Before you begin
To create an SSH application,
Add an application to EAA, select type
SSH, and complete these fields as needed for your application.
Enterprise Application Access (EAA) supports
both public-private key pairs and username and passphrase as modes of authentication for
secure shell (SSH). SSH is more secure way to connect to any server that logging in with
user name and password since both the public-private key pairs are needed for
authenticating with the SSH server. Browser-based SSH applications in EAA currently
support only RSA and DSA keys for key verification.
How to
-
Add an SSH application. For
instructions on creating an application, see Add an application to EAA. When you complete the step for selecting the application type, ensure that
you select SSH.
-
In the general settings section,
for Application server
IP/FQDN. Enter the internal IP address for the server, or the
fully qualified domain name (FQDN) that you use to access this server when you
are inside in your company’s network. You will see a DRAFT VERSION next to the
application name, till you deploy the application.
-
SSH
Username. Provide the user name used for authentication with the
application. If it is provided, the application asks for a password at login. If
it is not provided, the application asks for both a username and password at
login.
-
SSH
Passphrase. The passphrase is needed to decrypt the private key
used in public key authentication. It is optional and is not needed if the
private key does not require a paraphrase when you configured the SSH keys in
your SSH server. But, if the private key requires a paraphrase and is not
provided here, the user is prompted for it when connecting to the SSH
server.
-
SSH Private Key. Provide the entire contents of the
private key used for public key authentication. It should be in OpenSSH format
and generated by OpenSSH ssh-keygen utility.
-
SSH Host Key. If you want the EAA connector to validate
the origin server, provide a key for the SSH Host. If no key is provided, SSH
host validation is not done. Multiple SSH host keys are not supported.
-
Disable clipboard
functionality. Use this option to prevent users from copying
information from a RDP session. Otherwise you can copy the information from the
session window.
-
Select an External Host Name
Field domain type, then enter the hostname for the application.
Do one of the following:
-
Associate a connector with the application. Click Add/Remove
connector.
-
Click Done.
Note: EAA recommends more than
one connector for high-availability and load balancing.
-
Click Save and go to
Authentication. The Authentication
tab opens.
-
Configure Authentication
settings. You can Assign identity providers to an application, after adding directories, users and groups.
-
Configure Save and go to
Services The Service tab opens. If you want to configure these
optional services, see Set up services for an application.
-
Click Advanced
Settings. The Advanced Settings tab opens. If you want to configure
these optional advanced settings, see Set up advanced settings for an application
-
Click Save and go to
deployment. The deployment tab
opens.
-
If all required information for
the application is configured, the application is ready for deployment. Click
Deploy
Application. To learn more see Deploy the application.
The deployment takes between three and five minutes. When deployed,
your application is ready for secure access by your users