Configure SSH Clients Integrate with PSMP (Putty, SecureCRT, MobaXterm & WinSCP) - NETSEC

Latest

NETSEC

Learning, Sharing, Creating

Cybersecurity Memo

Wednesday, July 29, 2020

Configure SSH Clients Integrate with PSMP (Putty, SecureCRT, MobaXterm & WinSCP)

CyberArk PAS solution supports launching of SSH connections directly from end users machine to a target system through the PSMP / PSM proxy server. For installation of PSMP and PSM, check following posts:

YouTube Video:



Username Format

Use the PSMP server/address for the Computer/Address section. The Username can be blank to prompt for username or enter the username of the CyberArk end-user.
For example, my lab PSMP server is psmp.51sectest.dev / 192.168.2.27

Username format is as follows : username@Unix-username#domain@Unix-Machine-IP-Address
username – CyberArk username
Unix-username – privileged user allowed to login to the server
Domain – logon domain as registered in CyberArk gui
Unix-Machine-IP-Address – Target server IP address

CyberArk Configuration

CyberArk user connect to the server a remote server (E.g. 40.115.97.97 ) with privileged account netsec :

Hostname : psmp.51sectest.dev / 192.168.2.27  (PSMP server ip)
For example, using Vault user administrator 's privileged account netsec to log into remote target server 40.115.97.97

Putty session to log in with hostname / ip set to 192.168.2.27:
login as: administrator
[email protected]'s password:
Target user is required (to use domain account, specify <target_user>#<domain_ad           dress>).
Target user: netsec
Target machine address is required (to use port, specify <target_address>#<targe           t_port>).
Target machine address: 40.115.97.97

This session is being recorded
Using username "netsec".
Welcome to Ubuntu 18.04.4 LTS (GNU/Linux 5.3.0-1032-azure x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Mon Jul 27 17:16:03 UTC 2020

  System load:  0.0               Processes:           115
  Usage of /:   4.7% of 28.90GB   Users logged in:     0
  Memory usage: 36%               IP address for eth0: 10.0.1.4
  Swap usage:   0%

 * "If you've been waiting for the perfect Kubernetes dev solution for
   macOS, the wait is over. Learn how to install Microk8s on macOS."

   https://www.techrepublic.com/article/how-to-install-microk8s-on-macos/

 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:
     https://ubuntu.com/livepatch

0 packages can be updated.
0 updates are security updates.


Last login: Mon Jul 27 14:51:55 2020 from 160.32.192.89
netsec@ubuntu18-1:~$


Here is setting with username : administrator@[email protected]

 If it is domain 51sectest.dev's user test1, the username will be still in the same format: test1@[email protected], no need to change it to [email protected]@[email protected]

PuTTY setup

1  Menu Session -> Set Host Name

2  Menu Connection -> Data -> set Auto-login username
Auto-login username : administrator@[email protected]

Using username "administrator@[email protected]".
administrator@[email protected]@192.168.2.27's password:

This session is being recorded
Using username "netsec".
Welcome to Ubuntu 18.04.4 LTS (GNU/Linux 5.3.0-1032-azure x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Mon Jul 27 17:23:25 UTC 2020

  System load:  0.0               Processes:           112
  Usage of /:   4.7% of 28.90GB   Users logged in:     0
  Memory usage: 36%               IP address for eth0: 10.0.1.4
  Swap usage:   0%

 * "If you've been waiting for the perfect Kubernetes dev solution for
   macOS, the wait is over. Learn how to install Microk8s on macOS."

   https://www.techrepublic.com/article/how-to-install-microk8s-on-macos/

 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:
     https://ubuntu.com/livepatch

0 packages can be updated.
0 updates are security updates.


Last login: Mon Jul 27 17:16:04 2020 from 160.32.192.89
netsec@ubuntu18-1:~$
netsec@ubuntu18-1:~$

SecureCRT setup

Menu SSH2 -> set Hostname and Username parameter



MobaXterm setup


Noets:MobaXterm settings can be exported and it will be auto backed up. 

WinSCP Setup





Read more

Subscribe via email

Author Image

About Netsec
Netsec - Learning, Sharing, Creating!

-
Tags:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)