Add SSH Keys
You can add SSH keys for use in connecting to remote servers, such as an AWS EC2 instance.
In this topic:
Before You Begin
- Learn Harness' Key Concepts
- Harness Secret Manager Overview
- Add a Secret Manager
- Add Text Secrets
- Add File Secrets
Add SSH Credential
To add an SSH key that can be referenced in Harness entities, do the following:
- Select your Account/Organization/Project.
- In ACCOUNT SETUP/ORG SETUP/PROJECT SETUP, Click Secrets.
- Click New Secret and select SSH Credential.
The SSH Credential options appear.
- Enter a Name for the SSH Credential and click Continue.
- Under Select an Auth Scheme, select one of the following:
- SSH Key: add SSH keys for Harness to use when connecting to remote servers.
- Kerberos: SSH into a target host via the Kerberos protocol.
- In User Name, provide the username for the user account on the remote server. For example, if you want to SSH into an AWS EC2 instance, the username would be ec2-user.
- Click Create or Select a Secret.
- You can do one of the following:
- Click Create a new secret. You must create an Encrypted File Secret. For more information on creating a new Encrypted File Secret, see Add File Secrets.
- Click Select an existing secret. You must add an existing Encrypted File Secret present at your Project, Account or Organization level.
- In Select Encrypted Passphrase, add the SSH key passphrase if one is required. It is not required by default for AWS or many other platforms. Make sure you use a Harness Encrypted Text secret to save the passphrase and refer to it here. Either select an existing secret from the drop-down list or create a new one by clicking Create or Select a Secret. For more information on creating an Encrypted Text Secret, see Add Text Secrets.
- In SSH Port, leave the default 22 or enter a different port if needed.
- Click Save and Continue.
- In Host Name, enter the hostname of the remote server you want to SSH into. For example, if it is an AWS EC2 instance, it will be something like,
- Click Test Connection. If the test is unsuccessful, you might see an error stating that no Harness Delegate could reach the host, or that a credential is invalid. Make sure that your settings are correct and that a Harness Delegate is able to connect to the server.
- When a test is successful, click Submit.
You can convert your OpenSSH key to a PEM format with:
ssh-keygen -p -m PEM -f your_private_key
This will convert your existing file headers from:
-----BEGIN OPENSSH PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----