Manage Credentials

Manage the credentials that the Enterprise Console uses to access and perform tasks on hosts, such as adding a node to an Events Service. You can use the Credentials page in the GUI or the command line to manage credentials. You should add credentials to the platform before you add hosts.

Generate an RSA Key Pair

An RSA private key file is required to add credentials to a platform. The following steps will generate an RSA key pair that consists of the public key file ~/.ssh/id_rsa.pub and the private key file ~/.ssh/id_rsa.

  1. Log in to the Enterprise Console host machine via SSH.

  2. Switch to the user that is the owner of the Enterprise Console:

    sudo -i -u <user-owner of the EC>

  3. Create the RSA key pair:

    ssh-keygen -t rsa -b 2048 -N '' -m pem

  4. Accept the default location for the key pair at ~/.ssh.

  5. Confirm that the RSA public and private key files have been created:

    ls ~/.ssh/
id_rsa
id_rsa.pub

Add Credential

When you add a credential, you need the following information:

  • Credential name
  • Username
  • Private key file

The credential name is the unique identifier for a credential and is used to specify the credential when you perform tasks such as adding a host. We recommend that you follow the naming convention for all of your credential names. The id_rsa, RSA private key, should be created using the OpenSSL PEM encoding format over the Open SSH standard encoding.

Note: The Unix system user specified in the username field must have writeable access to the platform directory.

You can add a credential in the GUI by clicking Add.

bin/platform-admin.sh add-credential --credential-name <name> --type <ssh> --user-name <username> --ssh-key-file <file path to the key file>

Where <file path to the key file> is the private key for the Enterprise Console machine. The installation process deploys the keys to the hosts.

Remove Credential

Remove a credential that is no longer used. You cannot remove a credential that is still used by a host. You can remove a credential in the GUI by selecting the credential and clicking Delete.

bin/platform-admin.sh remove-credential --credential-name <name>

List Current Credentials

bin/platform-admin.sh list-credentials