Installing Automated Key Server Scripts

Lee Painter

We have a number of different packages for installing scripts that provide integration with OpenSSH server's public key authentication and the JADAPTIVE Authentication Gateway.

These scripts rely on the AuthorizedKeysCommand and AuthorizedKeysCommandUser configuration settings supported by OpenSSH.

Quick Setup

We have created a script that will check and install the dependencies and package required. This currently supports DEB and RPM package managers.

Execute the following commands on your server as root (or use sudo).

wget https://www.jadaptive.com/bootstrap-key-server
chmod u+x bootstrap-key-server
./bootstrap-key-server

If you do not have wget installed, but you have curl use:

curl -k https://www.jadaptive.com/bootstrap-key-server --output bootstrap-key-server
chmod u+x bootstrap-key-server
./bootstrap-key-server

This script will download the latest version of the packages, check and install curl and openssh-server dependencies if required. Then install our key server package which will reconfigure the sshd to trust any gateway account that a user has placed in their ~/.ssh/authorized_users file.

Authorizing

Once installed, any SSH user can authorize access to a gateway account by executing the command:

auth-gateway-user --add <email>