Beyond Trust Password Safe SSH Access in the Browser

Summary

This article explains how to allow SSH access using locally installed Putty and WinSCP through links from BeyondTrust PasswordSafe in the browser.  

 

Why use Password Safe to connect via SSH? 

BeyondTrust's Password Safe is a password management tool, used to add an extra layer of security for users when connecting to remote resources. After signing into Password Safe with your USNH Single-Sign On (SSO), you will be able to securely access a remote server via SSH.

How-To

Task: Enable links to open Putty from browser links using BeyondTrust PasswordSafe.

Instructions

Step 1 - Close any browser windows.

Step 2 - Install Putty.  Putty can be found in Company Portal.  For information on using Company Portal, please use the following KB article: https://td.usnh.edu/TDClient/60/Portal/KB/ArticleDet?ID=4764

Step 3 - Install WinSCP.  If WinSCP is already installed, you may have to uninstall and reinstall WinSCP.  This application can be found in Comapny Portal.  For information on using Company Portal, please use the following KB article: https://td.usnh.edu/TDClient/60/Portal/KB/ArticleDet?ID=4764

Follow the steps from https://td.usnh.edu/TDClient/60/Portal/KB/ArticleDet?ID=4905.  If you do not have access to this KB article, the steps are listed here:

Step 1 - Have the user log in to BeyondInsight by BeyondTrust with their USNH username@usnh.edu, password, and MFA if required. 

Once logged in, their home screen should look similar to this (depending on which tools you are authorized to use), with icons for Password Safe (number pad with a lock), Secrets Safe (a bank safe), and Managed Accounts (hand holding a person icon).

Uploaded Image (Thumbnail)Click for full-scale image

 

Step 2 - Click the Password Safe tile, then the Directory Linked Accounts tab (box 2 in image below).

Note: if a Load All Accounts button appears in the center of the screen, click it. A list of accessible servers will appear.

Step 3 - Navigate in the list to the server you want to connect to and click the Access button (box 3) on the far right.

Uploaded Image (Thumbnail) - image of server list and click accessClick for full-scale image

 

Step 4 - The Access dialog box will open on the right with various connection options. Click the Quick Launch tab (box 4 in image below) at the top if it's not already selected.

Step 5 - Click the Start SSH Session button (box 5) at the bottom of the screen. A browser window should open after a few moments.

Uploaded Image (Thumbnail) - image that highlights "Quick Launch" and "Start SSH Session"Click for full-scale image

 

Step 6 - If a permissions dialog box pops up in your web browser, click Open to allow the SSH connection client to open.  If you would like to always use Putty, please select "Always allow..." The pop-up may look similar to this:  

image of pop-up that highlights "Open" button

 

Step 7 - Once connected, a command terminal window with an open SSH session will open. This may take a few moments. 

 

Outcome

You have successfully registered Putty and connected via SSH to the selected server using Password Safe.

Need additional help?

If you have any additional questions, please submit a TeamDynamix IAM ticket request with as much detail as possible. 

Print Article