Manage SSH access, logging & auditing for servers using SloopEngine

Create SloopEngine credential

A SloopEngine credential is confidential information employed to authenticate SSH connections to your nodes. SloopEngine, by default, encrypts and securely retains these credentials. When creating a SloopEngine credential, you have two options: either include an existing SSH key pair or allow the system to generate a new one automatically. For detailed insights, it is recommended to refer to the SloopEngine credential documentation. This resource will provide comprehensive information on the subject.

  1. Go to the SloopEngine account dashboard and navigate to the Workspaces listing view.
  2. Choose the specific SloopEngine workspace and navigate to Credentials listing view to create a new credential.

We suggest opting for SloopEngine's automatic generation of an SSH key pair when adding a new credential. This approach ensures a streamlined and secure process, where SloopEngine handles the creation of the necessary cryptographic keys for secure communication. This practice not only simplifies the setup but also maintains a higher level of data protection by adhering to industry-standard security protocols.

Sync credential to a node using SloopEngine CLI

The SloopEngine CLI facilitates the synchronization of credentials, specifically the SSH keys, from your SloopEngine account to your nodes (host machines, virtual machines, or containers). To initiate the process, your first step involves installing and configuring the SloopEngine CLI on the designated node where you intend to synchronize the credentials. Following this installation, proceed to execute the subsequent steps outlined below in order to successfully sync the SloopEngine credentials. These instructions will guide you through the steps necessary for ensuring a seamless and accurate deployment of the SSH keys, enhancing the security and accessibility of your SloopEngine nodes.

  1. Go to the SloopEngine account dashboard and navigate to the Workspaces listing view.
  2. Choose the specific SloopEngine workspace and navigate to the Credentials listing view.
  3. Copy the sync command of a specific SloopEngine credential and run it on the node.

Create SloopEngine node

A SloopEngine node serves as a versatile component encompassing various forms like a physical host machine, a virtual machine, or even a container. Accessible through either a Fully Qualified Domain Name (FQDN) based hostname or an IP address, this node constitutes a pivotal entity. It holds significance in the context of SloopEngine permission creation, as it can be pointed to and utilized during the process. For detailed insights, it is recommended to refer to the SloopEngine node documentation. This resource will provide comprehensive information on the subject.

  1. Go to the SloopEngine account dashboard and navigate to the Workspaces listing view.
  2. Choose the specific SloopEngine workspace and navigate to Nodes listing view to create a new node.

Create SloopEngine permission

A SloopEngine permission represents an explicit authorization conferred to a user, enabling them to access designated credentials, nodes, and repositories within the system. Notably, this permission encompasses the ability to initiate both SSH sessions, facilitating secure command-line interactions, and IDE sessions, providing a comprehensive environment for software development activities. In essence, SloopEngine permissions serve as a controlled pathway for users to engage with particular resources, enhancing security and facilitating efficient collaboration in the system. For detailed insights, it is recommended to refer to the SloopEngine permission documentation. This resource will provide comprehensive information on the subject.

  1. Go to the SloopEngine account dashboard and navigate to the Workspaces listing view.
  2. Choose the specific SloopEngine workspace and navigate to Permissions listing view to create a new permission.

Launch SloopEngine SSH session

To launch an SSH session, you are required to possess a SloopEngine permission that has been specifically generated for you by a manager. This SloopEngine permission serves as the gateway to accessing the essential credentials and nodes relevant to your work. With SloopEngine permission, you gain the ability to launch an SSH session to your servers and perform deployments and operations.

  1. Go to the SloopEngine account dashboard and navigate to the Workspaces listing view.
  2. Choose the specific SloopEngine workspace and navigate to the My Permissions listing view to launch a new SSH session.

Live stream SloopEngine SSH session for auditing

With SloopEngine's SSH Logging & Auditing feature, keeping an eye on your team's live SSH connections has never been easier! Not only can you live stream and monitor an ongoing SSH session, but you can also secretly audit your team member's live SSH session to ensure that they are not engaging in any malicious activity. Plus, this feature can come in handy during server downtimes and production outages, as you can use it to assist your team members remotely.

In the event of a security threat or data theft detected during live stream auditing of an SSH session, it is imperative to terminate the SSH session immediately without any delay. SloopEngine's SSH Logging & Auditing feature makes it easy to accomplish this with just one click, helping safeguard your organization against security breaches. Following this, it is important to revoke SSH access for the specific team member involved in such activity.

  1. Go to the SloopEngine account dashboard and navigate to the Workspaces listing view.
  2. Choose the specific SloopEngine workspace and navigate to Permissions listing view.
  3. Choose the specific SloopEngine permission and navigate to Live SSH Sessions listing view to live stream and monitor a SSH session for auditing purpose.

Playback SloopEngine SSH log for auditing

SloopEngine offers a robust SSH Logging & Auditing feature that allows you to record every SSH connection made to your production servers by your team members. Your SSH logs are securely stored and can be accessed as needed upon your request. Access to the SSH logs is strictly controlled, they cannot be downloaded or viewed without proper authorization within the SloopEngine system.

Typically, your team members would initiate an SSH connection to the production servers for deployments or tasks. Enabling SSH logging across all production servers is crucial. In today's business landscape, any expanding organization must create and retain SSH logs for auditing. These SSH logs are invaluable for conducting root cause analysis and generating post-mortem reports.

  1. Go to the SloopEngine account dashboard and navigate to the Workspaces listing view.
  2. Choose the specific SloopEngine workspace and navigate to Permissions listing view.
  3. Choose the specific SloopEngine permission and navigate to Recorded SSH Sessions listing view to playback and monitor a SSH log for auditing purpose.

On this document