Unix Account (SSH Key Rotation - No Password) Secret Template for RPC

Overview

This document briefly discusses using Secret Server Remote Password Changing (RPC) for Unix Account (SSH Key Rotation - No Password) and Unix Account (Privileged Account SSH Key Rotation - No Password) accounts. With Remote Password Changing (RPC), secrets can automatically change remote account passwords when a secret expires, either immediately or on a defined schedule. In addition, the new passwords’ strengths and other qualities are completely configurable. See the Password Changer List for a complete list of available password changers.

SSH Key Rotation manages a Unix account’s private keys, passphrases, and passwords. The public/private key pair is regenerated, and the private key is encrypted with a new passphrase any time a secret's password changes, manually or automatically. The public key is then updated on the Unix machine referenced on the secret. For more details, see Creating a Unix Account (SSH Key Rotation) Secret and Custom SSH Key Rotation.
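The last step above, updating the public key on the Unix machine, is shown here as an added example; it is not Secret Server's code or its password changer commands. It assumes the account's keys live in an OpenSSH authorized_keys file, and the names parse_entry, rotate_key and SAMPLE are hypothetical. The old key is matched on its key material, and any from= or command= restrictions on the entry are carried over to the new key.

```python
import os
import tempfile

KEY_PREFIXES = ("ssh-", "ecdsa-", "sk-")  # start of every OpenSSH key type name
# Constructed sample entry (placeholder key material, not a real key).
SAMPLE = 'from="10.0.0.5",command="/usr/bin/backup --full" ssh-ed25519 QUFBQS1vbGQ= svc@old'

def parse_entry(line):
    """Split an authorized_keys line into (options, keytype, blob, comment)."""
    text = line.strip()
    if not text or text.startswith("#"):
        return None
    options = ""
    if not text.startswith(KEY_PREFIXES):
        in_quotes = False  # options end at the first space outside quotes
        for i, ch in enumerate(text):
            if ch == '"' and text[i - 1:i] != "\\":
                in_quotes = not in_quotes
            elif ch in " \t" and not in_quotes:
                break
        else:
            return None
        options, text = text[:i], text[i:].lstrip()
    parts = text.split(None, 2)
    if len(parts) < 2:
        return None
    return options, parts[0], parts[1], parts[2] if len(parts) > 2 else ""

def rotate_key(path, old_pub, new_pub):
    """Swap the entry holding old_pub's key for new_pub; return lines changed."""
    old, new = parse_entry(old_pub), parse_entry(new_pub)
    if old is None or new is None:
        raise ValueError("old_pub and new_pub must be public key lines")
    out, replaced = [], 0
    with open(path) as fh:
        for line in fh:
            entry = parse_entry(line)
            if entry and entry[2] == old[2]:  # match on key material only
                line = " ".join(f for f in (entry[0],) + new[1:] if f) + "\n"
                replaced += 1
            out.append(line if line.endswith("\n") else line + "\n")
    if replaced == 0:
        raise LookupError("old key not found; file left unchanged")
    # Write a private temp file, then rename so readers never see a partial file.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as fh:
        fh.writelines(out)
    os.replace(tmp, path)
    return replaced
```

Raising when the old key is absent makes a rotation against the wrong account or host fail loudly instead of silently adding nothing.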

Assigning a Password Changer to a Secret Template

After completing the RPC setup, you can manage the built-in secret templates. Each secret template is specific to an application and is preconfigured with the password changer best suited to it. For Unix Account (SSH Key Rotation - No Password) accounts, we want the Unix Account (SSH Key Rotation - No Password) template.

You can view and modify secret templates in the Secret Server administration panel. See Creating or Editing Secret Templates for more on the available options. Ensure that the secret template is in active status. See Activating and Deactivating Templates for details.

To navigate to a Unix Account (SSH Key Rotation - No Password) or Unix Account (Privileged Account SSH Key Rotation - No Password) secret template:

  1. Go to Administration > Secret Server. The Secrets Administration page is displayed.

  2. In the Core Actions section, click Secret Templates. The list of available templates is displayed.

  3. Select a Unix Account (SSH Key Rotation - No Password) or Unix Account (Privileged Account SSH Key Rotation - No Password) secret template, then click the Mapping tab.

You can check which secret template corresponds to the selected RPC. The screenshot below shows that a Unix Account (SSH Key Rotation - No Password) RPC refers to the identically titled secret template. It is possible to assign several password changers to one secret template. For more information, see Assigning a Password Changer to a Secret Template.

Secret templates determine the fields, launchers, and the remote password changer for secrets. To utilize the Unix Account (SSH Key Rotation - No Password) or Unix Account (Privileged Account SSH Key Rotation - No Password) template on a secret, see Managing Secrets.