Downloading the SSH master key file

Download the SSH master key file onto each target system you want to access. The SSH master key file is a public file that you can download using the Admin Portal or a UNIX command line.

To download the SSH master key file from the Admin Portal:

Note:   The following must be performed on the target system.

  1. In the Admin Portal, click Settings, then click Resources to display the settings available for Privileged Access Service.
  2. Click Security Settings.
  3. Click Download ‘Use My Account’ master SSH key.

  4. Click the link to download the file, then click OK.

  5. Rename the ca.pub file you just downloaded to:

    centrify_tenant_ca.pub.

  6. Save the SSH master key file you just downloaded to one of the following locations depending on your SSHD version:

    • For the standard OpenSSH version, save the SSH master key file to:
      /etc/ssh/centrify_tenant_ca.pub
    • For the Centrify-compiled OpenSSH version, save the SSH master key file to:
      /etc/centrifydc/ssh/centrify_tenant_ca.pub
  7. Now that you have downloaded the SSH master key file and saved it, you need to update the system settings to allow Use My Account, see Updating system settings to allow Use My Account.

To download the SSH master key file from a UNIX command line

  1. Execute a wget or curl command to download the SSH master key file from a UNIX command line.

    • If you are running the standard OpenSSH package enter:

      curl -o /etc/ssh/centrify_tenant_ca.pub https://<customer tenant URL>/servermanage/getmastersshkey

      For example, if the customer-specific tenant URL is aba0087.my.centrify.net:

      curl -o /etc/ssh/centrify_tenant_ca.pub https://aba0087.my.centrify.net/servermanage/getmastersshkey
    • If you are running the Centrify-complied OpenSSH package enter:

      curl -o /etc/centrify/ssh/centrify_tenant_ca.pub https://<customer tenant URL> /servermanage/getmastersshkey

      For example, if the customer-specific tenant URL is aba0087.my.centrify.net:

      curl -o /etc/centrify/ssh/centrify_tenant_ca.pub https://aba0087.my.centrify.net/servermanage/getmastersshkey
  2. Save the SSH master key file you just downloaded to one of the following locations depending on your SSHD version:

    • For the standard OpenSSH version, save the SSH master key file to:
      /etc/ssh/centrify_tenant_ca.pub
    • For the Centrify-compiled OpenSSH version, save the SSH master key file to:
      /etc/centrifydc/ssh/centrify_tenant_ca.pub
  3. Now that you have downloaded the SSH master key file, you need to update the system settings to allow Use My Account, see Updating system settings to allow Use My Account.