Discovering Privileged Accounts on Linux Devices

You can discover and add Linux devices and the accounts present in each of the devices. Discovering from Linux devices is a two-step process. First, you need to establish connectivity between Securden and the Linux server.

Navigate to Accounts >> Add >> Discover Accounts and then click Linux under Servers in the GUI to perform this step.

Note

Securden uses SSH for connecting to Linux devices. Hence, you should configure the firewall on your target devices to keep port 22 open.

Step 1: Establishing Connectivity

For Securden to connect with Linux-based devices and discover the accounts present in them, you need to specify the IP address range of the devices and the channel through which the discovery needs to be performed.

You have the option to discover devices from a single computer or from a set of computers in an IP range.

If you choose Single Computer, you need to specify the Hostname/IP address of the target machine.

If you choose Computer in IP Range, you need to specify the IP Range of the target devices. I.e., specify the Start IP and End IP of the range of devices to be scanned.

Note

If each machine in the IP range specified has different administrator credentials, you need to repeat the discovery separately for each device. In such scenarios, importing accounts from CSV would be a better option than accounts discovery.

Once the IP addresses of the devices have been specified, you need to provide the following details:

1. Connection timeout: The maximum time in seconds Securden can attempt to establish connectivity with the devices before terminating the process.

2. Retry discovery process again: If connectivity to one or more devices cannot be established at present, Securden can attempt to connect with the devices at a later time. You need to specify the time (in hours) after which the attempt to connect should be made.

Discovering through Remote Gateway

If the devices belong to a different network than the Securden server, you can route the connection through a remote gateway. You can select the appropriate remote gateway from the drop-down and the discovery will happen through the selected gateway.

Discovering through a Unix Connector

If the devices you want to discover belong to a different subnet, you can try discovering them through Unix connectors. You can select a Unix connector from the drop-down and discovery will happen through the selected connector.

Once all the required details have been provided, you can click Next.

Step 2: Enter Credentials and Discover

Securden needs to authenticate the connection with the devices to perform discovery. For this purpose, you can specify the root account credentials or sudo (Superuser Do) user credentials. Securden will also use the administrator credentials for performing remote actions like password verification and reset apart from account discovery.

You need to supply two sets of credentials, one for remote login and the other to fetch the accounts and onboard it to Securden.

Supply remote login credentials

1. You need to specify the Account Name of the administrator account.

2. You can choose between a Password or a Public Key Infrastructure (PKI file) as the authentication type.

   

If you choose to authenticate using a PKI file, you have two options.

i. You can choose an SSH key already stored in Securden. You can choose it from the drop-down menu.

ii. You can upload an already existing SSH keyfile from your computer. If you choose to upload a file from your computer, you need to provide the passphrase required to access the file.

Supply privileged credentials and fetch accounts

Once the credentials for remote login are supplied, you need to specify the privileged credentials required to fetch the accounts present in the devices.

If the credentials required to fetch the accounts are the same as the credentials used for remote login, then you can select the checkbox named Use remote login credentials as specified above.

You can choose between sudo and root as the authentication type.

If you are using separate credentials for fetching accounts, you need to specify the account name and password for the same.

Important Note:

When choosing to use the same remote login credentials for fetching accounts:

1. For root authentication, you need not specify the account name or the password.

2. For sudo authentication: a. If you choose password authentication for remote login, you need not specify your account name or password. b. If you choose to authenticate with a PKI file in the previous step, you need to specify the password for fetching accounts.

Advanced Options

You have the options to add all the discovered accounts into a specific folder and assign them a specific account type. This will help mitigate the efforts required for classifying the accounts at a later time. This can done using the options listed below.

1. If you want to assign all the imported accounts a specific account type, you can select one from the drop down.

   

2. If you want to add all the imported accounts to a folder, you can select one from the drop down. If you want to create a new folder for this purpose, you need to click on [Add Folder].

   

3. You have the option to assign strong and unique passwords to the accounts immediately after discovery.

   

   If you choose this option, Securden generates passwords based on the password policy specified and assigns them to the accounts on target devices.

   Note

   The credentials used for authentication will not be randomized if this option is chosen.

4. Once all the required parameters have been specified, click Discover. The process takes a few minutes to complete. Once it is completed, complete results with a list of accounts and their status is displayed. You can view how many accounts were successfully imported.