In this video, explore the SSH secrets engine.
- [Instructor] The SSH Secrets Engine…can make Vault the manager of all authentication…to an environment full of SSH servers.…Vault supports two methods,…one-time passwords and key signing.…I'll be demonstrating One-Time Passwords or OTP.…Here is a flow diagram of the OTP setup process.…The SSH server Vault plugin, vault-ssh-helper,…is installed to the SSH server.…The SSH configuration is modified…to replace normal authentication…with the vault-ssh-helper plugin.…
An operator enables the SSH Secrets Engine…at the Vault server…and creates a role in the SSH Secrets configuration.…The role configuration determines how Vault generates…the one-time password for an SSH server.…When a client wants to connect,…it writes a new secret to the SSH engine…which generates and returns the one-time password.…The client can then use the OTP…to authenticate to the SSH server.…When the OTP is presented to the SSH server,…the vault-ssh-helper plugin calls back to the Vault server…to validate the password.…
If successful, Vault returns a positive result…
- What is Vault?
- Using the dev server
- Working with Vault secrets engines
- Adding policies to Vault
- Running and using Vault
- Configuring the database secrets engine
- Implementing Vault
- Integrating Jenkins with Vault
- Using the Vault API
Skill Level Beginner
1. Introduction to Vault
2. Getting Started with Vault
3. Running and Using Vault
4. Implementing Vault
5. Using the Vault API
Next steps with Vault1m 23s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.