Install the Advanced Server Access gateway

End of sale announcement

Effective May 1, 2026, Okta will no longer sell or renew Advanced Server Access. Existing customers must migrate to Okta Privileged Access within one year of their next scheduled renewal date to maintain service.

Read the FAQ and learn more about Okta Privileged Access.

Before you begin

Verify that the gateway server:

Can download packages from scaleft.com.
Can listen for incoming connections from clients.
Note: If you're installing the gateway on a cloud provider like AWS, you may need to modify your security group rules.
Can connect directly to your destination servers (also known as SSH target hosts).
Has adequate storage space to store your session logs.
Is running the Network Time Protocol (NTP) service and correctly synchronized to external NTP pool servers.

Ubuntu 20.04, 22.04, RHEL 8, or RHEL 9 is required for AD-joined and RDP connections that are routed through a gateway.

Installation guides

The following installation guide walks you through the steps to install the Okta Privileged Access gateway on various operating systems.

You can choose to install preview releases to test new features or install a production-ready stable release. Preview deployments begin on the release date and are gradually rolled out to all users over the course of one week before the stable release.