USB Key Management
USB keys can only be issued to user accounts with USB key authentication enabled in multifactor verification.
Before using a USB key for second authentication, prepare USB keys and install the USB key driver on the local computer. A USB key from a vendor cannot be identified by other vendors for login authentication. So, the vendor must be specified for each USB key. For details, see Configuring USB Keys.
Prerequisites
- You have obtained a USB key.
- You have the management permissions for the User module.
- You have the management permissions for the USBKey module.
Procedure
One USB key can be issued to one user only.
- Log in to your bastion host.
- Choose User > USBKey in the navigation pane.
- Click Issue to issue a USB key.
Figure 1 USBKey
- Select a user with the USB key multifactor verification enabled as the related user.
Figure 2 Issuing a USB key
Table 1 Parameters for issuing a USB key Parameter
Description
USBKey
Specifies the USB key ID.
Relate User
Specifies the user to which the USB key is related. USB key in multifactor verification must be enabled for such users.
PIN
Specifies the personal identification number (PIN) uniquely corresponding to the USB key. It is provided by the USB key vendor.
- Click OK. You can then view the newly issued USB key in the USB key list.
When you log in to a bastion host as a related user, insert the issued USB key to the local host. The bastion host automatically identifies the USB key. So you can select the corresponding USB key on the login page and enter the PIN number to finish the authentication.
Revoking a USB Key
- Log in to your bastion host.
- Choose User > USBKey in the navigation pane.
- In the Operation column of the row containing the USB key to be revoked, click Revoke.
- To revoke multiple USB keys at a time, select the ones you want and click Revoke at the bottom of the USB key list to revoke the selected USB keys together.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.