In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?
In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?
To securely manage root accounts while adhering to best practices which deny SSH access for root accounts, the best approach is to create a non-privileged account with SSH access for the CPM machine. This non-privileged account should then be configured as the Logon account for the target server's root account. This allows the CPM to manage root accounts without directly allowing root SSH access, thereby maintaining security best practices.
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Using-Logon-Accounts-for-SSH-and-Telnet-Connections.htm?Highlight=logon%20account
B https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Using-Logon-Accounts-for-SSH-and-Telnet-Connections.htm?Highlight=logon%20account