SSH Key Management


"Administrative Only" users manage their own SSH keys to systems they have access to through profiles. "Full Access" administrators can disable anyone's key at anytime to force rotation. Unless key management is disabled, Bastillion will overwrite all values in the specified authorized_keys file for a system.

Note: Key management only pertains to Bastillion. Bastillion for EC2 does not provide a utility to manage SSH keys since that is typically done through the AWS console

Manage SSH Keys (Everyone)

Users generate/set their own SSH keys to profiles they have been provided access to.

Manage SSH  Keys

Key management only stores the public key for the user. While the private key is downloaded by the user, it is never stored in the application.

Disable SSH Keys (Full Access users)

Full Access users may force key rotation and disable any SSH key that has been registered through Bastillion.

Disable Keys

Once a key has been disabled it cannot be added again by any user.

By default Bastillion will generated and distribute the SSH keys managed by administrators while having them download the generated private. This forces admins to use strong passphrases for keys that are set on systems. The private key is only available for download once and is not stored on the application side. To disable and allow administrators to set any public key edit the

#set to true to generate keys when added/managed by users and enforce strong passphrases set to false to allow users to set their own public key

Disable SSH Key Management

You may disable key management by editing file and use Bastillion only as a bastion host. This file is located in the jetty/bastillion/WEB-INF/classes directory.

#set to false to disable key management. If false, the Bastillion public key will be appended to the authorized_keys file (instead of it being overwritten completely).

Key Refresh

The authorized_keys file is updated/refreshed periodically based on the relationships defined in the application. If key management is enabled the refresh interval can be specified in the file.

#authorized_keys refresh interval in minutes (no refresh for <=0)