Configure and deploy a SSH application

Create an SSH application and configure it with settings that define how end users interact with the remote application environment.

Before you begin

To create an SSH application, Add an application to EAA, select type SSH, and complete these fields as needed for your application.

Enterprise Application Access (EAA) supports both public-private key pairs and username and passphrase as modes of authentication for secure shell (SSH). SSH is more secure way to connect to any server that logging in with user name and password since both the public-private key pairs are needed for authenticating with the SSH server. Browser-based SSH applications in EAA currently support only RSA and DSA keys for key verification.

How to

  1. Add an SSH application. For instructions on creating an application, see Add an application to EAA. When you complete the step for selecting the application type, ensure that you select SSH.
  2. In the general settings section, for Application server IP/FQDN. Enter the internal IP address for the server, or the fully qualified domain name (FQDN) that you use to access this server when you are inside in your company’s network. You will see a DRAFT VERSION next to the application name, till you deploy the application.
  3. SSH Username. Provide the user name used for authentication with the application. If it is provided, the application asks for a password at login. If it is not provided, the application asks for both a username and password at login.
  4. SSH Passphrase. The passphrase is needed to decrypt the private key used in public key authentication. It is optional and is not needed if the private key does not require a paraphrase when you configured the SSH keys in your SSH server. But, if the private key requires a paraphrase and is not provided here, the user is prompted for it when connecting to the SSH server.
  5. SSH Private Key. Provide the entire contents of the private key used for public key authentication. It should be in OpenSSH format and generated by OpenSSH ssh-keygen utility.
  6. SSH Host Key. If you want the EAA connector to validate the origin server, provide a key for the SSH Host. If no key is provided, SSH host validation is not done. Multiple SSH host keys are not supported.
  7. Disable clipboard functionality. Use this option to prevent users from copying information from a RDP session. Otherwise you can copy the information from the session window.
  8. Select an External Host Name Field domain type, then enter the hostname for the application. Do one of the following:
  9. Associate a connector with the application. Click Add/Remove connector.
  10. Click Done.
    Note: EAA recommends more than one connector for high-availability and load balancing.
  11. Click Save and go to Authentication. The Authentication tab opens.
  12. Configure Authentication settings. You can Assign identity providers to an application, after adding directories, users and groups.
  13. Configure Save and go to Services The Service tab opens. If you want to configure these optional services, see Set up services for an application.
  14. Click Advanced Settings. The Advanced Settings tab opens. If you want to configure these optional advanced settings, see Set up advanced settings for an application
  15. Click Save and go to deployment. The deployment tab opens.
  16. If all required information for the application is configured, the application is ready for deployment. Click Deploy Application. To learn more see Deploy the application.

    The deployment takes between three and five minutes. When deployed, your application is ready for secure access by your users