Set Up SSH Keys LogicMonitor- step by step process

 Setting up SSH keys for LogicMonitor involves generating a key pair on the LogicMonitor Collector and then configuring the target devices to recognize the Collector's public key. Here's a step-by-step guide to do this:

1. Generate SSH Key Pair on the Collector

1. Access the Collector:

   • Log in to the server where the LogicMonitor Collector is installed.

2. Generate SSH Key Pair:

   • Open a terminal and generate an SSH key pair using the ssh-keygen command:

     sh
     ssh-keygen -t rsa -b 2048 -f ~/.ssh/lm_collector_key
     

   • This command generates a 2048-bit RSA key pair and saves it to ~/.ssh/lm_collector_key (private key) and ~/.ssh/lm_collector_key.pub (public key).
   • Follow the prompts to save the key pair (press Enter to accept the default file location) and optionally provide a passphrase for additional security.

2. Copy the Public Key to Target Devices

1. Copy the Public Key:

   • Use the ssh-copy-id command to copy the public key to the target device(s):

     sh
     ssh-copy-id -i ~/.ssh/lm_collector_key.pub username@target_device_ip
     

   • Replace username with the appropriate user account on the target device and target_device_ip with the IP address or hostname of the target device.

   • If ssh-copy-id is not available, you can manually copy the public key. First, display the public key:

     sh
     cat ~/.ssh/lm_collector_key.pub
     

   • Then, on the target device, append the displayed public key to the ~/.ssh/authorized_keys file of the target user:

     sh
     echo "ssh-rsa AAAAB3Nz..." >> ~/.ssh/authorized_keys
     

2. Set Permissions:

   • Ensure the ~/.ssh directory and authorized_keys file on the target device have the correct permissions:

     sh
     chmod 700 ~/.ssh
     chmod 600 ~/.ssh/authorized_keys
     

3. Configure LogicMonitor to Use the SSH Key

1. Navigate to LogicMonitor Settings:

   • Log in to your LogicMonitor account.
   • Go to Settings > Collectors.

2. Add SSH Key Credential:

   • Navigate to Settings > Credentials.
   • Click Add to create a new credential.
   • Set the Credential Type to SSH Key.
   • Provide a name for the credential (e.g., LM SSH Key).
   • In the Private Key field, copy and paste the contents of the private key file (~/.ssh/lm_collector_key).

3. Assign Credential to Devices:

   • Go to Resources > Devices.
   • Select the device(s) that you want to monitor using SSH.
   • Click Edit and go to the Credentials section.
   • Choose the SSH key credential you created from the dropdown list.

4. Verify SSH Key Authentication

1. Test SSH Connection:

   • From the LogicMonitor Collector server, test the SSH connection to the target device to ensure the key-based authentication works:

     sh
     ssh -i ~/.ssh/lm_collector_key username@target_device_ip
     

   • Ensure that you can log in without being prompted for a password.

2. Verify Data Collection in LogicMonitor:

   • After assigning the SSH key credential, verify that LogicMonitor is able to collect data from the target device.
   • Navigate to the Resources section in the LogicMonitor portal and check the device's metrics and status.

5. Configure Alerts and Reports (Optional)

1. Set Up Alert Rules:

   • Define alert thresholds for the collected SSH metrics to receive notifications when specific conditions are met.

2. Create Reports:

   • Use LogicMonitor’s reporting features to generate reports on the performance and status of your SSH devices.

By following these steps, you can set up SSH key-based authentication for LogicMonitor, enhancing security and ensuring seamless data collection from your SSH devices.