* website/integrations: rename "Create with Provider" to "New Application"

  The application list page now uses a split-button labeled "New Application" instead of the old "Create with Provider" dropdown. Update all 113 integration guides to match.

* website/docs: update flow, stage, and policy button labels

  - "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons
  - "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit
  - "Create and bind stage" → "New Stage" / "Bind Existing Stage"
  - "Create" (binding submit) → "Create Stage Binding"

* website/docs: update provider button labels

  - "Create" → "New Provider" for trigger buttons
  - "Create with Provider" → "New Application" in RAC docs
  - "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt" for related entity creation

* website/docs: update directory button labels

  - "Create" → "New Source" for federation/social login pages
  - "Create" → "New Role", submit → "Create Role"
  - "Create" → "New Invitation"
  - Policy binding submit → "Create Policy Binding"

* website/docs: update endpoint device and system management button labels

  - "Create" → "New Endpoint Connector", "New Enrollment Token", "New Device Access Group", "New Flow"
  - Submit → "Create Device Access Group"
  - "Create" → "New Notification Rule", "New Notification Transport"
  - Binding submit → "Create Policy Binding"

* Reorganize policy documentation
* website/docs: address policy docs review feedback
* post-rebase
* website/docs: Reorganize policy documentation -- Revisions (#21601)
* apply suggestions
* Fix escaped.
* Fix whitespace.
* Update button label.
* Fix phrasing.
* Fix phrasing.
* Clean up stragglers.
* Format.

---------

Co-authored-by: Dominic R <dominic@sdko.org>
| title |
|---|
| RAC SSH Public Key Authentication |
About RAC SSH public key authentication
The RAC provider supports SSH public key authentication. This allows for secure connections to SSH endpoints without the use of passwords.
SSH private keys can be configured via several methods:
Apply a private key to an RAC provider
- Log in to authentik as an administrator and open the authentik Admin interface.
- Navigate to Applications > Providers.
- Click the Edit icon on the RAC provider that requires public key authentication.
- In the Settings codebox enter the private key of the endpoint, for example:
    ```yaml
    private-key: |
        -----BEGIN SSH PRIVATE KEY-----
        SAMPLEgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu
        KUpRKfFLfRYC9AIKjbJTWit+CqvjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm
        o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k
        TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp7
        9mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy
        v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs
        /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00
        -----END SSH PRIVATE KEY-----
    ```

- Click Update.
:::info
The pipe character (|) is required to preserve linebreaks in the YAML text. See the YAML spec for more information.
:::
Apply a private key to an RAC endpoint
- Log in to authentik as an administrator and open the authentik Admin interface.
- Navigate to Applications > Providers.
- Click the name of the RAC provider that the endpoint belongs to.
- Under Endpoints, click on the Edit icon next to the endpoint that requires public key authentication.
- Under Advanced settings, in the Settings codebox enter the private key of the endpoint:
    ```yaml
    private-key: |
        -----BEGIN SSH PRIVATE KEY-----
        SAMPLEgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu
        KUpRKfFLfRYC9AIKjbJTWit+CqvjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm
        o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k
        TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp7
        9mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy
        v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs
        /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00
        -----END SSH PRIVATE KEY-----
    ```

- Click Update.
:::info
The pipe character (|) is required to preserve linebreaks in the YAML text. See the YAML spec for more information.
:::
Apply a private key to an RAC property mapping
- Log in to authentik as an administrator and open the authentik Admin interface.
- Navigate to Customization > Property Mappings and click New Property Mapping, then create a RAC Provider Property Mapping with the following settings:
    - Name: Choose a descriptive name
    - Under Advanced Settings:
        - Expression:

            ```python
            import textwrap

            # dedent() strips the indentation shared by the key lines below.
            private_key = textwrap.dedent("""
                -----BEGIN SSH PRIVATE KEY-----
                SAMPLEgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu
                KUpRKfFLfRYC9AIKjbJTWit+CqvjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm
                o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k
                TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp7
                9mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy
                v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs
                /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00
                -----END SSH PRIVATE KEY-----
            """)
            return {
                "username": "<your_username>",
                "private-key": private_key
            }
            ```

- Click Finish.
- Navigate to Applications > Providers.
- Click the Edit icon on the RAC provider that requires public key authentication.
- Under Protocol Settings, add the newly created property mapping to Selected Property Mappings.
- Click Update.
Retrieve a private key from a user's attributes and apply it to an RAC property mapping
- Log in to authentik as an administrator and open the authentik Admin interface.
- Navigate to Customization > Property Mappings and click New Property Mapping. Create a RAC Provider Property Mapping with the following settings:
    - Name: Choose a descriptive name
    - Under Advanced Settings:
        - Expression:

            ```python
            return {
                "private-key": request.user.attributes.get("<private-key-attribute-name>", "default"),
            }
            ```

- Click Finish.
- Navigate to Applications > Providers.
- Click the Edit icon on the RAC provider that requires public key authentication.
- Under Protocol Settings, add the newly created property mapping to Selected Property Mappings.
- Click Update.
:::info
For group attributes, the following expression can be used: `request.user.group_attributes(request.http_request)`.
:::
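
A stricter take on the attribute lookup above, as an added example (not authentik's own code): it checks that the stored value is a line-preserved PEM private key before handing it to the connection, falls back from the user's attributes to group attributes, and sets no `private-key` at all when neither holds a usable key. The attribute name `ssh_private_key`, the function names and the sample key are assumptions; in an expression the two dicts would come from `request.user.attributes` and `request.user.group_attributes(request.http_request)`.

```python
import base64
import binascii
import re

KEY_ATTRIBUTE = "ssh_private_key"  # hypothetical attribute name (a placeholder on the page)

# Constructed sample, not a real key: CRLF line endings and stray indentation,
# as often happens when a key is pasted into an attribute editor.
SAMPLE_KEY = (
    "  -----BEGIN SSH PRIVATE KEY-----\r\n"
    "  QUJDREVGQUJDREVG\r\n"
    "  QUJDREVG\r\n"
    "  -----END SSH PRIVATE KEY-----\r\n"
)

# BEGIN/END labels must match and the body must be base64 on its own lines.
# PEM header lines (passphrase-protected legacy keys) are deliberately not handled.
_PEM = re.compile(
    r"-----BEGIN ((?:[A-Z0-9]+ )*PRIVATE KEY)-----\n"
    r"([A-Za-z0-9+/=\n]+)\n"
    r"-----END \1-----"
)


def normalize_private_key(raw):
    """Return the key with LF line endings, or None if it is not a PEM private key."""
    if not isinstance(raw, str):
        return None
    text = "\n".join(line.strip() for line in raw.splitlines() if line.strip())
    match = _PEM.fullmatch(text)
    if match is None:
        return None  # e.g. "default", or a key whose line breaks were folded away
    try:
        base64.b64decode(match.group(2).replace("\n", ""), validate=True)
    except binascii.Error:
        return None
    return text + "\n"


def rac_settings(user_attributes, group_attributes):
    """Prefer the user's own key, fall back to a group key, else set nothing."""
    for source in (user_attributes, group_attributes):
        key = normalize_private_key(source.get(KEY_ATTRIBUTE))
        if key is not None:
            return {"private-key": key}
    return {}
```

A key stored without the YAML pipe character arrives as a single folded line and is rejected here, which surfaces the misconfiguration at mapping time instead of as a failed SSH login.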