SSH keys
Required Roles | n/a |
Required Rights (by category) |
SSH Key Management |
Perspective | Configuration Management |
Access | DROPS Server → Configuration → SSH Keys |
DROPS can generate SSH key pairs to facilitate secured connections to external target tools. It is not required to use an SSH key generated by DROPS to connect to external tools but it is an option among others.
An SSH key pair is comprised of:
- the private key, referenced in DROPS.
- the public key, which must be referenced by the system to which DROPS needs to connect.
The SSH keys generated by DROPS are either EdDSA or RSA keys.
If you are using the agentless mode to connect an infrastructure item to a target (in order to deploy to that target), the SSH keys defined in this section can be used to secure the connection. SSH keys can be generated in the DROPS Studio or imported if you have already generated the key(s) you want to use elsewhere.
For more information about how SSH keys are used in DROPS, refer to Infrastructure items
To access the SSH Keys view, select the keys node in the Configuration menu. The SSH Keys view displays all of the keys defined for the current server. Each key's fingerprint is displayed in the Fingerprint column.
Follow the subsequent steps to create a new SSH key pair.
Step 1 To access the SSH Key wizard, either click the create icon in the SSH Keys search view or right-click anywhere in the view and select Create new SSH key.
Step 2 Enter a recognizable ID in the Key Identifier field.
Step 3 Select the Type of key to generate. You can choose between an EdDSA key and a RSA key.
Step 4 Enter the passphrase for the SSH key pair.
The passphrase will not be displayed in order to ensure absolute confidentiality. Be sure to enter the correct passphrase and not to forget it.
Step 5 Click Finish to create the new key. The new key appears in the list.
Result SSH keys are saved in the DROPS Server installation directory in the following path: /../ssh/keystore/ks<n> (where n is the key's internal ID).
There are two files, each representing half of the key pair:
- the private part of the key which DROPS will reference.
- the public part of the key which must be referenced by the target tool.
Follow the subsequent steps to import an existing SSH key. Only the private half of the SSH is imported into DROPS.
Step 1 To import an existing private key, either right-click anywhere in the view and select Import SSH key or click the import icon.
Step 2 Enter a recognizable ID in the Key Identifier field.
Step 3 Browse to the location where the existing private key file is stored and select it in the Private key field.
Step 4 Enter the passphrase for the key if one was defined.
Step 5 Click Finish.
Result The private key is saved in the DROPS Server installation directory in the following path: /../ssh/keystore/ks<n> (where n is the key's internal ID).
To view or edit a key's ID, either right-click on it and select Edit, select the key then click the Edit icon or double-click on it. The SSH Key editor is opened where its ID can be edited. You can also add comments in the SSH key editor but you cannot edit the key pair.
To display the public key, either right-click on the SSH key and select Show Public Key or select the key in the list and click the public key icon. You can copy the public key from the dialog and use it to create the SSH connection in the target tool.
Deleted SSH Keys cannot be accessed or recovered and will no longer be useable. If a referenced SSH key is deleted, the entity referencing it will no long be able to connect to its target.
To delete an SSH key either right-click on it and select Delete or select it and click the Delete icon. Click OK to confirm or click Cancel to keep the key.