update documentation regarding external connectors feature

This commit is contained in:
tecxx
2022-01-14 11:11:15 +01:00
parent 4c304e11f3
commit 86b3cb8d5d
6 changed files with 39 additions and 0 deletions

View File

@@ -0,0 +1,21 @@
*************
Credential Vault Connector
*************
.. warning::
This feature is currently only developed for Thycotic Secret Server (on-premise installations). It is implemented for RDP and SSH connections.
mRemote supports fetching credentials from external credential vaults. This allows providing credentials to the connection without storing these to disk, which has numerous benefits (security, auditing, rotating passwords, etc).
Instead of specifying username/password/domain directly in mRemote, leave these fields empty and just set the secret id:
.. figure:: /images/credvault01.png
The secret id is the unique identifier of your secret, you can find it in the URL in your thycotic interface.
e.g. https://cred.domain.local/SecretServer/app/#/secret/3318/general -> the secret id is 3318
Before initiating the connection mRemote will access your Secret Server API URL and fetch the data. For this to work the API endpoint URL and access credentials need to be specified. A popup will show up if this information has not yet been set.
.. figure:: /images/credvault02.png

View File

@@ -0,0 +1,16 @@
*************
Dynamic Host Addresses
*************
.. warning::
This feature is in beta and currently supports Amazon EC2 only
Some hosts may have dynamic ip addresses or hostnames. For example, Amazon EC2 instances without elastic ips change their public address upon stop and restart events.
mRemote can automatically update the host property when ec2 region and instance-id properties are set:
.. figure:: /images/ec2instance.png
Before initiating the connection, mRemote will contact the EC2 API, fetch the current public ipv4 address and write it to the host field. Afterwards the connection is initiated as usual.
For this to work, a valid EC2 access key needs to be specified. mRemote will ask for it via a popup window if not yet specified. This token is then stored to registry. We strongly recommend to generate **readonly** access keys in the EC2 AMI interface.

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.6 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.3 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 20 KiB

View File

@@ -29,6 +29,8 @@ Welcome to mRemoteNG's documentation!
howtos/external_tools.rst
howtos/bulk_connections.rst
howtos/vmrdp.rst
howtos/credvault.rst
howtos/dynamic_host.rst
.. toctree::
:maxdepth: 2