User authentication and roles

In the previous example, we've reused the Warpgate's admin user, which only had a password as its only way to authenticate. Currently, Warpgate supports passwords, public keys or password+public key as authentication methods.

Changing a user's password

Log into the Warpgate admin UI and navigate to Config > Users > admin and click Change next to the password credential:

Adding a public key for a user

Grab the user's public key in OpenSSH format (normally, you can just copy the ~/.ssh/id_<type>.pub file contents and strip the name, leaving just <key type> <public key bytes>, e.g.:

ssh-ed25519 AAAAC...bD4I

Click Add public key and paste it:

Requiring multiple authentication factors

Warpgate can require a client to present both a public key and a password.

In the Auth policy > SSH section, uncheck Any credential and select both Password and Key:

Using roles to assign access

You can use roles to grant a new user access to multiple targets at once (or assign multiple users to a target).

Create and remove roles under Config > Roles.
Assign roles to users and targets on their respective configuration pages.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

User authentication and roles

Changing a user's password

Adding a public key for a user

Requiring multiple authentication factors

Using roles to assign access

Clone this wiki locally