How does 'SSH Connect' work?

SSH Connect enables a user at the Sysdig Monitor interface to quickly access and execute shell commands on any host listed on the Explore tab.

The SSH Connect feature works by encapsulating an SSH connection on top of the persistent TCP connection between the Sysdig agent and our back-end servers (port 6666/tcp) so no additional connections are required. This instrumentation conveniently allows for access to instances that sit in a private network or behind a NAT.

Security is maintained since you still need to provide your SSH private key in order to initiate a session, and that key is never stored on our back-end servers. Thus, even if your Sysdig Monitor credentials are compromised, it is practically impossible for someone to break the SSH feature.

You do have the option to save the SSH key but it will be saved in the local web browser cache and only if you explicitly choose to do so.

Security is further enhanced since connections are automatically closed when you close your browser tab, the connection is completely stateless and secure.

 

If you need to disable the SSH Connect feature, append the following option to the agent's user settings configuration file: /opt/draios/etc/dragent.yaml:

ssh_enabled: false

Then restart the agent with:

sudo service dragent restart

 

 

Have more questions? Submit a request