Creating an Account

Fudo One allows creating an Account> object with regular or forward type. For the regular types of accounts it is required to provide login data for future connections, while for the forward types of accounts credentials can be dynamically substituted.

In order to create an Account, follow the instruction:

  1. Click + icon in the main menu next to the Accounts tab, or
    Select Management > Accounts and then click Add.
  2. Define object’s name.
  3. Select the Blocked option to disable account after it’s created.
  4. Select a type from the drop-down list: regular or forward.
  5. In the Notes field, enter a message to the Access Gateway users.
  6. In the Data retention section, define automatic data removal settings.
  • Select the Override global retention settings option to set different retention values for connections established using this account.
  • Check the Delete session data option to exclude sessions from retention mechanism.
    Next to the Delete session data field, define the number of days after which the session data will moved to external storage device. Default value when the option is checked, is 30 days.
  1. In the Server section, assign account to a specific server or a server pool by selecting it from the Server drop-down list.
  2. Depending on selected type of an Account, provide respective settings in the Credentials section:
  • If selected account type is regular, enter privileged account Domain and Login .
  • If selected account type is forward, select the Forward domain option to have the domain name included in the string identifying the user
  1. From the Replace secret with drop down list, select one of the desired options:
  • secret from a different account from the Account drop-down list, select account object, whose credentials will be used to authenticate user when establishing connection with monitored server, or
  • key - generate or upload a public key (for SSH connections), or
  • password and provide a password twice.

📘

Two-fold authentication

  • With two-fold authentication enabled, user is being prompted twice for login credentials. Once for authenticating against Fudo One and once again for accessing target system.
  • To enable two-fold authentication, select password from the Replace secret with drop-down list and leave the password and login fields empty.

For SSH connections, select the SSH Agent forwarding option to authenticate the user against the target host using client’s SSH key. Use -A option for connecting to SSH server.

  1. Click Save.

Blocking an Account

In order to block an Account, follow the instruction:

  1. Select Management > Accounts.
  2. Define filters to limit the number of objects displayed on the list, or use a search bar.
  3. Select the account(s) you want to block and click the Block button.
  4. Optionally, provide the reason and click the Confirm button.

Alternatively, enter the Account definition edit mode and click the Blocked button there. Provide an optional blocking reason.

Click Save.

Unblocking an Account

In order to unblock an Account, follow the instruction:

  1. Select Management > Accounts.
  2. Define filters to limit the number of objects displayed on the list, or use a search bar.
  3. Select the account(s) and click Unblock.
  4. Click Confirm to unblock selected Account objects.

An Account object can also be unblocked from the Account definition edit mode:

  1. Find the Account object and open its definition.
  2. Uncheck the Blocked option.
  3. Click Save.

Deleting an Account

In order to delete an Account, follow the instruction:

  1. Select Management > Accounts.
  2. Define filters to limit the number of objects displayed on the list.
  3. Select the account(s) and click Delete.
  4. Click Confirm to remove selected Account objects.