PingOne Privilege

Managing passwordless access

PingOne Privilege enables passwordless access to onboarded resources for both administrators and end users. This feature eliminates the need for users to manage or directly handle static credentials, such as passwords or SSH keys, for the target systems.

Access is brokered through short-lived certificates or tokens, that are automatically generated and managed by the platform.

To use this feature, resources must first be onboarded. Learn more in Onboarding target resources.

Passwordless SSH access for administrators

Admins have passwordless access to all the resources within the tenant. To connect to a resource using passwordless SSH:

Procedure

If you are using the PingOne Privilege authenticator app:

  1. Open the PingOne Privilege authenticator app.

  2. Click on the Stack icon.

  3. Find the target in the list. Copy the SSH command.

  4. Run the SSH command in your terminal.

If you are using the pcli command line tool:

  1. If necessary, log in to your tenant by running pcli auth login <your-tenant-name>.

  2. Confirm your server is available by running pcli server list.

  3. Run pcli server checkout <your-server-name> <your-ssh-user> --connect=true.