Reference Guide
...
Cloud PAM
Importing Devices from Amazon ...

SSH Key Configuration for AWS Devices

By default, AWS instances are created with an SSH key in the AWS Console Management screen. If devices imported from AWS are configured to log in with an SSH key, Kron PAM can provide a seamless connection to those devices, otherwise, the global username and password need to be defined for each device group.

To use an SSH key for AWS devices:

  1. Get the SSH key name stored in the device properties of each device:
  2. Navigate to Device Management > Device Inventory.
  3. Right-click an AWS Device and select Show Properties (The SSH Key name of the device is stored in the sshKeyName property)
  4. Write down the value of this property to be used for the SAPM module.
SSH Key Name
SSH Key Name


Enable SSH Key Connection to Device Groups:

  1. Navigate to Device Management > Device Groups.
  2. Right-click the Device Group the AWS devices are imported to and select Show Properties.
  3. addDeviceSshKeyToUserSelection property and set the value as true.

Uploading an SSH key to Kron PAM will enable connections to the device:

  1. Navigate to SAPM > SAPM Accounts.
  2. Fill in the required fields.
  3. The Name field must be exactly equal to the value of the Device Property “sshKeyName”.
  4. Select SSH Key in the Type field.
  5. Copy the contents of your SSH key into the Secret Data field.
SSH Key in the SA
SSH Key in the SA


SSH keys must be in an OpenSSH key format. This means that the value put into the Secret Data field should: start with the “---- BEGIN SSH2 PUBLIC KEY ----” and end with the “---- END SSH2 PUBLIC KEY ----” indicators.