Authenticate users without giving them an ssh key for servers via boundary

My current setup

  • I have hosted boundary in dev mode on an instance in AWS which can be reached publicly.
  • All the firewall rules are in place.
  • I am also able to authenticate to boundary via the public Boundary API URL from my laptop.
  • Once authenticated I can connect to my target easily only when I have the right SSH key.

Question

Is there a way where I don’t have to give the users (people who want to access the target) the host’s ssh_key/password?

Hello and thanks for your interest in Boundary! Boundary engineer here. This is a great suggestion. Right now we support a TCP target type, which you can use SSH with: Connect to Your First Target | Boundary - HashiCorp Learn. This means providing a key or password for now. We’re looking into ways to improve the workflow for SSH. Stay tuned!

@randallmorey does that mean that boundary will provide a way to auth SSH connections without providing a 2nd set of credentials?

From my perspective, the point of using boundary would be to avoid sharing SSH keys or credentials with users, but as of now, boundary doesn’t do that. So is this planned for the future?

Hi @rolandjitsu, Boundary product manager here. Thanks for your interest! This suggestion is something we’re working on within the Boundary team and is called out in our Boundary public roadmap under “just-in-time access”: Roadmap | Boundary by HashiCorp. While we don’t yet have a timeline for this ability, this is something we are actively working on. There are two parts of your ask that we plan to implement:

  1. Boundary needs to be able to manage target credentials and/or broker them from a secure secrets management solution.
  2. Boundary workers need to be able to inject the credential into a session so that it is not passed back to the user.

Stay tuned!


@PPacent thanks for the quick response! That’s great! Looking forward to the release of these 2 features!

Hey guys, thanks for this info!

I’ve been searching through the docs for anything related to this functionality but found no mention.

Thanks for all of the hard work, I’ll keep an eye on the release notes for these features.