Tutorial - Creating and Associating a Shared Account
- Stonebranch (Deactivated)
- Katie Murphy
- Olivier Michaut
In this tutorial, you will:
Create a Shared Account with Password Authentication for a Local Server.
- Assign a Shared Account to a Local Server via Shared Accounts Service.
Assign a Shared Account to a Local Server via Local Servers Service.
- Create a Shared Account with SSH Key Authentication for a Local SFTP Server.
- Disable a Shared Account.
Create a Shared Account with Password Authentication for a Local Server
Step 1 | From the UDMG Admin UI navigation pane, select Shared Accounts. The Shared Accounts list displays.
|
|---|---|
Step 2 | Click the Add icon (
|
Step 3 | The Shared Account Details displays: SFTP
FTPES
|
| Step 4 | Click the Save icon (
|
Assign a Shared Account to a Local Server - Shared Accounts Service
| Step 1 | To create a local server follow Tutorial - Creating and Manually Starting an SFTP Server or Tutorial - Creating and Manually Starting an FTPES Server. SFTP: stonebranch-sftp-01, stonebranch-sftp-02 FTPES: stonebranch-ftpes-01 |
|---|---|
Step 2 | From the UDMG Admin UI navigation pane, select Shared Accounts. The Shared Accounts list displays. Select the newly created SFTP user stonebranch-1 or FTPES user stonebranch-10. |
| Step 3 | Select the Local Servers tab. The list of associated Local Servers displays. Initially, the account is created without any reference and cannot be used for authentication to any of the local servers. By associating it with 1 or more local servers, it is allowed for each of them.
|
| Step 4 | Select the Pencil icon to associate a Local Server to the Shared Account.
|
| Step 5 | Search for stonebranch-ftpes-01 and add using the
|
| Step 6 | The Local Server list is updated for the account
|
Assign a Shared Account to a Local Server - Local Servers Service
| Step 1 | To create a local server follow Tutorial - Creating and Manually Starting an SFTP Server or Tutorial - Creating and Manually Starting an FTPES Server. SFTP: stonebranch-sftp-01, stonebranch-sftp-02 FTPES: stonebranch-ftpes-01 |
|---|---|
Step 2 | From the UDMG Admin UI navigation pane, select Local Servers. The Local Servers list displays.
|
Step 3 | Select the correct server record. The server details are populated on the Details tabs. Select the Accounts tab.
|
Step 4 | Select the Pencil icon to add a shared account to the local server.
|
| Step 5 | Search for the correct shared account and add using the Click the Save changes button.
|
| Step 6 | It's now possible to connect to the SFTP server with these account credentials: $ sftp -P 4100 stonebranch-01@0.0.0.0 stonebranch-01@0.0.0.0's password: Connected to 0.0.0.0. sftp> ls sftp-01-in It's now possible to connect to the FTPES server with these account credentials. For example with FileZilla:
FileZilla Log 19:22:15 Status: Resolving address of ftpes.example.com 19:22:15 Status: Connecting to x.x.x.x:4200... 19:22:15 Status: Connection established, waiting for welcome message... 19:22:15 Response: 220 UDMG-FTP-2.0.0.0 19:22:15 Command: AUTH TLS 19:22:15 Response: 234 AUTH command ok. Expecting TLS Negotiation. 19:22:15 Status: Initializing TLS... 19:22:15 Status: Verifying certificate... 19:22:15 Status: TLS connection established. 19:22:15 Command: USER stonebranch-01 19:22:15 Response: 331 OK 19:22:15 Command: PASS ******** 19:22:16 Response: 230 Password ok, continue 19:22:16 Command: CLNT FileZilla 19:22:16 Response: 200 Good to know 19:22:16 Command: OPTS UTF8 ON 19:22:16 Response: 200 I'm in UTF8 only anyway 19:22:16 Command: PBSZ 0 19:22:16 Response: 200 Whatever 19:22:16 Command: PROT P 19:22:16 Response: 200 OK 19:22:16 Status: Logged in 19:22:16 Status: Retrieving directory listing... 19:22:16 Command: PWD 19:22:16 Response: 257 "/" is the current directory 19:22:16 Status: Directory listing of "/" successful |
| Step 1 | Follow the above steps again to create another shared account stonebranch-02. |
|---|---|
| Step 2 | If you don't already have a public key, generate a new SSH key for this account, for example: $ ssh-keygen -t ed25519 -C "stonebranch-02" -N "" -f stonebranch-02 Generating public/private ed25519 key pair. Your identification has been saved in stonebranch-02. Your public key has been saved in stonebranch-02.pub. The key fingerprint is: SHA256:gNvc9Km/Zoe6b/UEtfD0mIjjhiRO/eYujv/SU4+d8sk stonebranch-02 The key's randomart image is: +--[ED25519 256]--+ | | | . . o | | . ... . * = | | +o+o.o.o = .| | .oooS+o. . | | . ..= o . | | .= + * . | | .o.O +.=. | | .o=%*+ oE | +----[SHA256]-----+ Note The public key must be in OpenSSH format. |
| Step 3 | From the UDMG Admin UI navigation pane, select Local Servers. The Local Servers list displays. |
| Step 4 | Select or create an SFTP server, stonebranch-sftp-02. |
| Step 5 | Follow the above steps again to add the shared account, stonebranch-02 to the local server. The details are populated in the Accounts tab.
|
| Step 6 | Click the Certificates / Keys tab.
|
| Step 7 | Click the Add icon (
|
| Step 8 | The Certificate Details displays.
The fields can be resized for easier display; simply move up or down the resize grabber in the corner of the field. |
| Step 9 | Click Submit button. The SSH key is stored for this account and client connection can be performed with SSH key authentication. |
| Step 10 | It's now possible to connect to the SFTP server with this account private key: $ sftp -i stonebranch-02 -P 4101 stonebranch-02@0.0.0.0 Connected to 0.0.0.0. sftp> ls sftp-01-in |
Disable a Shared Account
| Step 1 | From the UDMG Admin UI navigation pane, select Shared Accounts. The Shared Accounts list displays. Select the FTPES user stonebranch-10.
|
|---|---|
Step 2 | Click the Disable button ( |
| Step 3 | The account is disabled and cannot be used for login with any of the assigned local servers.
Note Use the Disable and Enable buttons to change the status. The Disabled toggle button only to shows the status of the account. |
