Windows 2019 OpenSSH Jump Server - Account Setup

Overview

With the availability of OpenSSH on Windows 2019 it may be preferable to lock down the amount of access an account has to perform certain tasks.  This article will cover the minimum permissions required for a windows 2019 jump server with the Winsshd type connection so you can utilise the following modules:

  • SovLabs Active Directory
  • SovLabs Microsoft DNS
  • SovLabs Microsoft IPAM


Considerations

  • Have licensed and up to date SovLabs modules
  • Have installed RSAT tools on your jump server
  • Have installed and configured OpenSSH on your jump server
  • Have installed IPAM client (if required) and configured on your jump server
  • Have configured an account for use (preferred an Active Directory account)
  • Have firewall rules open between vRA/vRO and your Jump server to allow SSH to function


Procedure

Local temp folder permissions (Applies to AD/DNS/IPAM)

  1. On your jump server, your service account will need to have modify permissions on your temporary folder (In this example the folder is c:\Sovlabs)
    NOTE: We recommend creating a separate folder for the temporary storage of Powershell scripts that are copied across for utilization.

No other permissions are required on your jump server apart from access to the temporary folder.  All other permissions required are for your Microsoft AD, Microsoft DNS and Microsoft IPAM.  Please see additional information for links to articles relating to these configurations



Additional information

Setup Open SSH on a Windows 2019 Server : https://support.sovlabs.com/a/solutions/articles/6000232006
Setting up RSAT tools : https://support.sovlabs.com/a/solutions/articles/6000186846
Active Directory Account Setup : https://support.sovlabs.com/a/solutions/articles/6000224740
Microsoft DNS Account Setup : https://support.sovlabs.com/a/solutions/articles/6000228302
Microsoft IPAM Account Setup : https://support.sovlabs.com/a/solutions/articles/6000224741
vRO Telnet Test : https://support.sovlabs.com/a/solutions/articles/6000236592

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.