Safeguard for Privileged Passwords supports Windows SSH systems. Windows SSH uses port 22 on the platform.
OpenSSH on Windows 7 and 8
The OpenSSH port on Windows 7 and 8 has server-side limitations on command execution. Password operations may appear to run more slowly because commands do not return until the timeout expires, even if the command has already completed on the server. You may need to tune the Connection Timeout (CommandTimeout) when running TestConnection, ChangePassword, and CheckPassword in order to allow these password operations enough time to run while still allowing enough time to avoid timeouts for other conditions specific to your network.
- Ensure the SSH server service is running.
Create a service account on the asset and assign it a password:
If the Windows SSH system is joined to a domain that will be managed in Safeguard for Privileged Passwords, you can use a directory account, such as a Microsoft Active Directory account to manage the asset. Enable the Password Never Expires option; once you add the asset to Safeguard for Privileged Passwords, you can have the service account password auto-managed to keep it secure.
If the Windows SSH system is not joined to a domain, then use a local service account that has been granted sufficient permissions.
IMPORTANT: A local account does not have the access necessary to discover services running as domain accounts, so if a local account is used, Safeguard for Privileged Passwords will only discover services running as local accounts, and domain account dependencies will not be updated.
- Ensure the service account is added to the local Administrator's group to allow change password permissions.