Skip to content

SSH Agent Configuration

SSH Agent Configuration

The SSH Agent resource in Clarive allows you to connect to remote servers via SSH for executing commands, transferring files, and performing various automation tasks.

Configuration Fields

When configuring an SSH Agent resource, you can specify the following fields:

  • Server: The target server resource to connect to (required)
  • User: The SSH username for authentication
  • Port: The SSH port number (default: 22)
  • Timeout: Connection timeout in seconds (default: 60)
  • Private Key Filename: Path to the SSH private key file for key-based authentication
  • SSH Config File: Path to a custom SSH configuration file (default: /dev/null)

SSH Config File

The SSH Config File field allows you to specify a custom SSH configuration file to use for connections. This is useful when you need to:

  • Use specific SSH configurations for different environments
  • Apply host-specific connection settings
  • Configure advanced SSH options like proxy commands, cipher preferences, or connection multiplexing

By default, this field is set to /dev/null, which means no SSH configuration file will be used and connections will use Clarive's default SSH options:

  • StrictHostKeyChecking=no: Automatically accept new host keys
  • PasswordAuthentication=no: Disable password authentication (use keys only)
  • UserKnownHostsFile=/dev/null: Don't save host keys

Example Custom SSH Config

To use a custom SSH configuration file:

  1. Create an SSH config file on the Clarive server (e.g., /etc/clarive/ssh_config)
  2. Add your custom SSH settings:
Host production-*
    ServerAliveInterval 60
    ServerAliveCountMax 3
    Compression yes

Host *.example.com
    ProxyCommand ssh -W %h:%p bastion.example.com
  1. Set the SSH Config File field in your SSH Agent resource to /etc/clarive/ssh_config

Note: The custom SSH config file path should be an absolute path accessible by the Clarive process.

Security Considerations

  • Always use key-based authentication when possible
  • Ensure private key files have appropriate permissions (0600)
  • Store SSH config files in secure locations with restricted access
  • Regularly rotate SSH keys and update agent configurations