Custom SSH Configurations for Clients

Advanced Server Access allows SSH customization options for both Advanced Server Access Admins and their teams. End UsersIn Okta literature, we generally refer to "end users" as the people who have their own Okta home page (My Applications), using apps to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. can adjust how their clientEssentially, a client is anything that talks to the Okta service. Within the traditional client-server model, Okta is the server. The client might be an agent, an Okta mobile app, or a browser plugin. responds when attempting SSH connections, and Admins can customize how their servers respond to clients initiating connections. Before beginning, make sure that you've installed the ScaleFT Client and run the sft ssh-config command.

Client Customization

Note: Any paths provided are from a MacOS perspective and use /Users/AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page./ as an example folder path. Paths on your machine may read differently.

Depending on your Advanced Server Access client and your SSH configuration, you should see something like the following within your config file:

# To use ScaleFT proxycommand, add this configuration block to your $HOME/.ssh/config
Match exec "/usr/local/bin/sft resolve -q  %h"
ProxyCommand "/usr/local/bin/sft" proxycommand  %h
UserKnownHostsFile "/Users/Admin/Library/Application Support/ScaleFT/proxycommand_known_hosts"

Customization Examples