SSH applications

Secure shell (SSH) is a network protocol for operating network services securely over an unsecured network by providing a secure channel to connect an SSH client with an SSH server. Through the use of public-key cryptography pairs, better known as keys, SSH authenticates a remote computer and allows it to authenticate users with public-private key pairs.

In Enterprise Application Access (EAA), SSH enables remote developers to access applications from a browser without exposing the desktop on the Internet. SSH applications in Enterprise Application Access simplify key management because the private key of the pair lives on the connector and the administrator has the public key. The administrator can access an application without providing the public key to the user.

Configure and deploy a SSH application

Create an SSH application and configure it with settings that define how users interact with the remote application environment.

Enterprise Application Access supports both public-private key pairs and username and passphrase as modes of authentication for secure shell (SSH). SSH is more secure way to connect to any server that logging in with user name and password since both the public-private key pairs are needed for authenticating with the SSH server. Browser-based SSH applications in Enterprise Application Access currently support only RSA and DSA keys for key verification.

  1. Add an SSH application. For instructions on creating an application, see Add an application to EAA. When you complete the step for selecting the application type, ensure that you select SSH.

  2. In App Settings, configure the following:

    • Application server IP/FQDN. Enter the internal IP address for the server, or the fully qualified domain name (FQDN) that you use to access this server when you are inside in your company's network.
      DRAFT VERSION appears next to the application name, until you deploy the application.

    • Akamai Cloud Zone. Select a cloud zone located closest to the datacenter where your application resides.

    • SSH Username. Enter the user name used for authentication with the application. If it is provided, the application asks for a password at login. If it is not provided, the application asks for both a username and password at login.

    • SSH Passphrase. The passphrase is needed to decrypt the private key used in public key authentication. It is optional and is not needed if the private key does not require a paraphrase when you configured the SSH keys in your SSH server. But, if the private key requires a paraphrase and is not provided here, the user is prompted for it when connecting to the SSH server.

    • SSH Private Key. Paste the entire contents of the private key used for public key authentication. It should be in RSA Base64 PEM format and generated by OpenSSH ssh-keygen utility.

    • SSH Host Key. If you want the EAA connector to validate the origin server, enter a key for the SSH Host. If no key is provided, SSH host validation is not done. Multiple SSH host keys are not supported.

    • Disable clipboard functionality. Use this option to prevent users from copying information from a RDP session. Otherwise you can copy the information from the session window.

  3. Select an External Host and enter the hostname for the application. Configure one of the following:

  4. To associate connector with the application, click Add/Remove connector.


    More than one connector is recommended for high-availability and load balancing.

  5. Click Done.

  6. Click Save and go to Authentication.

  7. Configure Authentication settings. You can assign identity providers to an application, after you add directories, users and groups.

  8. Click **Save and go to Services.
    To configure the optional services, see Set up services for an application.

  9. To configure optional Advanced settings, see Set up advanced settings for an application.

  10. Click Save and go to deployment.

  11. Deploy the application.

Did this page help you?