By Ryan Squires Posted January 25, 2019
With Linux® dominating the data center infrastructure market, sysadmins, DevOps engineers, and IT admins are seeking out remote Linux management tools to make it easier to control and secure their infrastructure. With a significant number of applications run on remote servers, it is crucial to be able to manage who can gain access to those applications and data. Just as managing the infrastructure itself is greatly important, sysadmins need to be able to provision and deprovision user access to resources as necessary.
Remote Linux Management: Servers and Users
While many are leveraging configuration management and automation tools such as Chef™, Puppet, Ansible®, Salt®, and others, some functions are not accomplished as well with those tools as with other remote Linux management solutions. Where the four aforementioned solutions struggle, in specific, is with identity and access control to remote Linux servers. So while Chef, Puppet, Ansible, and Salt are great for some configuration management and server automation tasks, they don’t fare as well when they’re charged with managing identity and access control to remote Linux systems. For that, you’re going to need to consider a different type of tool. That is, a solution that can help you to manage identities (and their differing forms of authentication) and access to remote Linux servers.
SSH Keys and IaaS Providers
AWS and other infrastructure-as-a-service (IaaS) providers are now mandating the use of SSH keys to access Linux virtual machines (VMs). The overhead of SSH key management can provide a daunting challenge to organizations with many users and servers, therefore many SSH keys to manage. For growing companies with many new users and increasing remote users, SSH key management can also prove challenging. As a result, automating this task is at the forefront of many sysadmins’ wish lists. But, it’s not the only ability that sysadmins wish they had. They’re also looking to provide extra protection by leveraging multi-factor authentication (MFA) into their critical Linux servers. Efficiently accomplishing these tasks and managing the identity management function for Linux servers can be difficult with the tools sysadmins currently have at their disposal.
Remote User Management for Remote Linux Servers
The good news is that a next generation cloud identity and access control solution called JumpCloud Directory-as-a-Service (DaaS) can solve the challenges presented by remote Linux management. As a cloud identity provider, DaaS can tightly control user access via username/password, SSH keys, and MFA while also enabling IT admins to remotely execute commands on the systems sysadmins need managed.
Getting back to SSH key management, JumpCloud takes a lot of that burden off the shoulders of IT admins. The JumpCloud SSH key management workflow is a bit different from what most IT admins are used to because there is very little work for them. IT admins grant access to a specific remote server, and the Directory-as-a-Service platform automatically places the user’s keys on the systems they need access to. Also, public keys are uploaded and managed on the system by the end user and not the IT admin, so the keys are automatically propagated through the infrastructure. Rotated and updated keys are placed on all applicable systems, providing great time savings to both IT admins and users.
Learn More About JumpCloud
If you’re ready to learn about a remote Linux management tool aimed at controlling identity and access management to remote Linux servers, be sure to sign up for a free JumpCloud account. With a free JumpCloud you can manage up to 10 users and their systems, remote or not, for free. Ready to see how? Schedule a demo or visit our Knowledge Base for helpful information to help you get the most out of your account.