Luminate Secure Access Cloud (TM) provides capabilities for Zero Trust SSH Access to Linux servers deployed on-premises or in one of Cloud Service Providers. This article explains the principles of this access and its mode of operation.
In order to establish connectivity with a Linux Server via Luminate, the SSH Daemon needs to be able to authenticate connections via ephemeral SSH Keys allocated by Luminate Secure Access Cloud (TM). In order to be able to verify the authenticity of the keys, the SSH Daemon needs to have the Public Key of the Certificate Authority allocating them. This article explains how to deploy this key on Linux Servers deployed in Microsoft Azure using Azure's Run Command feature.
Getting the Certificate Deployment Script
The procedure of deploying the public CA key can be performed either manually, as described here, or by using an automatic script. The script can be retrieved from the Luminate Admin Portal. Access the page of any SSH Server and the script is available on it:
Clicking on "Copy" button will transfer the content of the script into the clipboard.
Provisioning the Script via Azure Run Command
While there are multiple ways to distribute the certificate to target servers, in this article we will use the Azure Run Command capability. The capability can be invoked from either Azure REST API, Azure CLI or Azure Administration Console and will cause the execution of the provided script, for example, the one copied in the previous step, on the target machine.
When executing the script via the Azure Administration Console, the result will look similar to the below:
In order to use the same capability from the Azure CLI, please follow this guide: https://docs.microsoft.com/en-us/cli/azure/vm/run-command?view=azure-cli-latest