Discovering Keys
Before you begin: You can access this functionality only if you have the ACF permissions enabled for your role.
SSH keys are installed to grant and protect access to privileged accounts. When initially deployed on a device, the device is configured to change privileged account passwords; however, if the devices are deployed after the SSH keys are installed, changing the passwords does not stop SSH keys from working thus rendering the privileged account insecure. To make it secure, these keys must be found so you can remove them and make the accounts secure again.
From the Discovery page, you can:
- Discover keys configured by creating and running scans on your network using IP range or subnet option. You can map the discovered keys to the selected key compliance groups and manage/monitor them. See Network Scan.
- Discover keys on the devices you configured by creating and running scans on your devices. If the key already exists in the key inventory under another key group, then only the additional location/filename/filepath details is updated. The keys are not updated to the group that was provided in the discovery creation details. See Managed Devices.
- Fetch the details and the status of the discovery such as the discovery method, action, recurrence, status along with the start and end time. See Discovery Status.
- Create, customize, or delete the scheduler to run the discoveries. See Scheduler.
- Fetch the key discovery status of the user and host keys, risk report, details of the user and host keys and the hosts. See Viewing Discovery Summary.
