SSH
How to request SSH permissions for AWS and GCP instances.
Last updated
How to request SSH permissions for AWS and GCP instances.
Last updated
This topic describes how to request SSH permissions for Amazon Web Services (AWS) and Google Cloud Platform (GCP) instances. P0 SSH provides full SSH functionality, enabling you to securely manage and configure remote servers.
This guide contains the following sections:
Existing P0 account at
Standard terminal application that supports SSH (e.g., Terminal, Command Prompt, PowerShell, or Bash)
version 20 or later
and/or account with admin access, where your target instances are hosted
P0 IAM integrations installed for and/or (depending on where you want to set up SSH)
(For AWS) Existing and/or account and an
Open your computerβs terminal.
Navigate to the directory where you'll install the P0 CLI using the following command:
Install the P0 CLI package:
(Recommended) Run the following command to globally install the P0 CLI package:
To request AWS or GCP SSH permissions:
From the list of Available components, click SSH Management.
Click + Add account.
From the Account identifier dropdown, select your AWS account or GCP project, then click Next.
Review the configuration and click Next.
(Optional) For AWS, enter a Grouping tag to group similar instances.
Click Finish to complete the SSH permissions request.
AWS and GCP accounts require different configuration processes. Choose the configuration instructions you need:
Once logged in, on the navigation bar, click CloudShell.
AWS CloudShell will open in the consoleβs bottom panel.
Click Finish to complete the configuration.
The account now appears on the SSH Management page.
In your terminal, run the following command to log into your P0 organization using Okta:
In the Okta window that displays, enter your activation code and click Next.
Return to your terminal and use the following command to request SSH access to your AWS instance or P0 grouping tag:
Wait for P0 to complete access provisioning. Your terminal displays the status of your request, and indicates whether it was approved or denied.
After SSH access is approved, you can run P0 AWS commands. For example, you can make an access request, or use the following command to list available SSH session destinations:
Congratulations! You're now set up with SSH for P0 on AWS.
Copy the name of the GCP instance you want to access from the resulting list. In the following example, private-node
is the GCP instance name.
In your terminal, run the following command to request SSH access to your GCP instance:
Your terminal displays a message with the wait time for access approval. A subsequent message confirms whether the access request is approved or denied.
After SSH access is approved, you can run P0 GCP commands. For example, you can make an access request or use the following command to list available SSH session destinations:
Congratulations! You're now set up with SSH for P0 on Google Cloud.
p0 ssh
To integrate p0 ssh
with your native SSH setup, you must update your SSH configuration file. Follow these steps:
Open your SSH configuration file using a text editor of your choice. The SSH Configuration file is typically located at ~/.ssh/config
.
Append the following lines to your SSH configuration file
To verify that p0 ssh
is working correctly with your new set up, run ssh your-hostname
. If everything is configured properly, ssh will connect to the host machine.
You must install the on your computer before you request permissions using SSH:
Alternatively, use to run the P0 CLI without installing it:
Go to in your browser. Select Integrations, then under the Resources section, click SSH.
You can use the Grouping tag as the <instance-name>
when you .
From the site, navigate to the SSH Management page, and copy the shell commands displayed.
Open a new browser tab and log into your .
Paste the commands from the SSH Management page into AWS CloudShell, and run them. This creates an , which enables P0 to provision sudo access, create a user directory, and configure authorized keys for user authentication.
Return to the browser tab for the SSH Management page, click Next, and wait for P0 to configure the account.
Replace <instance-name>
with the name of the AWS instance or a P0 grouping tag from . If you have multiple AWS instances with the same name, you may need to use the --parent <account_id>
flag within the command.
To display the GCP instances (previously set up for SSH access in ), run the following command in your terminal: