Adding Host

Note: AppViewX SSH+ currently supports only adding servers as hosts.
To add a host:
  1. Go to (Menu) icon > SSH+ > Inventory > Host Inventory.
  2. On the command bar, click + Add Host.

    The SSH+::Host Inventory > Add Host page is displayed.

  3. Enter the following details:
    Table 1. Field description for Add Host section
    Field Description
    General information
    *Category Select Server.

    Selecting the Server option displays the Port field.
    *Vendor Select a vendor from the list. The vendors are:
    • Linux
    • Windows
    *Communication Mode This field is enabled if you select Vendor as Windows.

    Select the communication mode as SSH or Windows Gateway.
    *Windows Gateway This field is enabled if you select Communication Mode as Windows Gateway.

    Select a windows gateway that is configured under Advanced Settings > Windows Gateway tab.
    *Device Name Enter the name of the device. Displays the port used while configuring the device.
    Port This is a non-editable field.
    Jump Server Client By default, this is turned off. Turning on the toggle button allows you to identify the host as a jump server. client. The application infra access groups selected also get mapped to this jump server. client.
    *Access Type Select Key or Certificate.
    Note: The Certificate option can be disabled or enabledby configuring the Enable User CA Trust and Host Certificate toggle button under Advanced Settings.
    *FQDN / IP Address Enter the FQDN or the IP address of the host.
    *DataCenter Select a datacenter to connect to the host.
    *Inventory Action Select one of the options:
    • Do Not Move: To avoid the movement of newly discovered keys in the inventory.
    • Manage: To allow the system to manage the newly discovered keys, which are moved to the inventory with Managed status.
    • Monitor: To allow the system to monitor the newly discovered keys, which are moved to the inventory with Monitored status.
    *Discover Select one or both of the options:
    • User Keys: To discover user keys.
    • Host Keys: To discover host keys.
    *Scan Type Select one of the options:
    • Default: The system scans the default ssh folders.
    • Full: The system scans the entire location. You can enter the files name/path that you want to exclude from the discovery for non-standard location. Make sure to select the Sudoer User checkbox.
    • Directory: The system performs default scan along with directory scan in the specified directory. Enter the file name/path you want to exclude/include for non-standard location.
    Note: Changing the scan type clears the File Path table.
    File Path This field is enabled if you select Full or Directory as your Scan Type.

    Enter the file/s name/path that you want to exclude/include scan (only for directory scan) from the discovery for non-standard location.

    File path should always start with /.
    Operation This field is enabled if you select Fullor Directory as your Scan Type.
    Select one of the options:
    • Exclude: Disables the scan in the file/s name/path location entered in File Path.
    • Include: Enables the scan only in the file/s name/path location entered in File Path.
    Note: Multiple folder/path entries can be entered for scan, which are displayed in the consecutive table with respect to File Path and Operation.
    Recursive Scan This field is enabled if you select Default or Directory as your Scan Type and is applicable for file path.
    • For Default scan type, enable this toggle to perform a recursive scan of all user home directories.
    • For Directory scan type, by default, this toggle button is disabled, and only the specified top-level folder is scanned—nested directories are skipped. When enabled, the system recursively scans all subdirectories within the specified folder path for keys. This is applicable for file path.
    For Full or Directory scan type, click Add. The File Path table is populated with the results.
    Intensive Scan This field is enabled if you select Default, Full, or Directory as your Scan Type.
    You can toggle Intensive Scan to scan the content of each and every file.
    Note: For the Default scan type, Intensive Scan can only be enabled if Recursive Scan is also enabled.
    Credentials
    *Credential Type Select one of the options:
    • Manual entry: Enter username and password.
    • Credential List: Select the credential details that are already stored in the credential inventory page.
    Login Using Select one of the options:
    • Password: Enter username and password.
    • Identity Key: Click Upload and the Upload SSH Private Key window opens. Browse for the key file and fill out all the fields. Enter passphrase.
    *Username Enter the username.
    *Password This field is enabled if you select Login Using as Password.

    Enter the password.
    *Identity key This field is enabled if you select Login Using as Identity key.

    Upload the identity key.
    Passphrase This field is enabled if you select Login Using as Identity key.

    Enter the passphrase.
    Sudoer User This field is applicable if you select Vendor as Linux.
    Enable this checkbox if you want:
    • privileges to perform actions on discovery, provisioning, and remediation.
    • to discover keys for all users configured in the host.
    Administrator User This field is applicable if you select Vendor as Windows.
    Enable this checkbox if you want:
    • administrators privileges to perform actions on discovery, provisioning, and remediation.
    • to discover keys for all users configured in the host.
    *Access Elevation This field appears only on selection of Sudoer User.
    Assign group
    *Host Compliance Group Groups with RW permission will be visible in the Host Compliance Group field.
    *Application Infra Access Group Groups with RW permission will be visible in the Application Infra Access Group field. Only users with ACF permission can create an infra access group by entering a name in the text box and pressing Enter.

    Select the required Application Infra Access Group to which you want to map the onboarded host. The onboarded hosts are associated with the selected Application Infra Access Group.

    The Application Infra Access Group selection simplifies the grouping of the onboarded hosts and checks the onboarded hosts for user compliance. The onboarded hosts are checked for compliance based on the policy of the Application Infra Access Group it is associated with.
    *Key Compliance Group Groups with RW permission will be visible in the Key Compliance Group field.
    Note: Fields indicated with red asterisk (*) symbol are mandatory.
  4. Click Create.

    The host is created in the host inventory.