Synchronizing keys with your ssh.team domain

Lee Painter

Introduction

The Jadaptive solution, SSH Key Management for Teams, provides an easy-to-use key management framework that removes the need to edit individual authorized_keys files on SSH servers and replaces them with a central database of public keys.

The Desktop Agent can synchronize the keys in your agent with your ssh.team domain so that any changes to your private keys are automatically reflected in your account, ensuring you always have access to the SSH servers assigned to you. The agent submits the corresponding public keys to your account. Additionally, if your Administrator has set up a key rotation policy, the Desktop Agent will prompt you before your keys expire and, upon confirmation, will automatically regenerate the keys and upload the new public keys to your account.

 

Configuring the Desktop Agent

Open up the Preferences dialog from the system tray icon menu.

Then open the Key Management tab and enter your ssh.team domain and account name. Check the option Synchronize public keys with your ssh.team domain.

Click Save to save the preferences and exit.

How Synchronization Works

Synchronization between the agent and your ssh.team domain works when you have at least one key configured on both sides. This allows the agent to authenticate with your ssh.team domain without you having to enter your password or any other credentials.

That means loading a private key in the agent and configuring its corresponding public key in your ssh.team account. If you do not have a common key configured, you will see the following message.

Click OK to dismiss the dialog.

Uploading a Key

If your agent has no keys, you should first load a private key into the agent as outlined in Working with Private Keys.

Identify the private key within the agent that you will use and locate its corresponding public key. This is typically in a file with the same name as the private key, with an extension of .pub.

For example, in the listing below, the key id_now will be used and id_now.pub will be uploaded to ssh.team.

Log in to your ssh.team domain and upload the public key file to your Authorized Keys listing.

You should then see this in the key listing.

When you return to your agent's private key dialog the key will be identified as a Team key and highlighted in green. This indicates that the agent is now successfully synchronizing keys.

Adding and Deleting Keys

Adding a new key to the agent will automatically submit its public key to your ssh.team account. Similarly, if you delete a key, it will be removed from your ssh.team account.

For this to continue, you must always maintain at least one private key in common with your authorized keys.

 

Key Policy

Your Administrator may set up a key policy on your ssh.team domain. This means that you may need to use a specific type of private key and/or have to replace private keys when they expire.

After configuring synchronization, you might be prompted to create a set of keys to conform to the policy.

Clicking Yes will generate private keys for any of the policy's required key types and upload the corresponding public keys to your ssh.team account.

If the Administrator requires keys to expire and be rotated periodically, you will receive the following prompt when rotation is due.

Again, if you click Yes, the agent will do all the work for you, replacing the keys and synchronizing the public keys with your ssh.team account.