Follow

Issue: SSH Key Usage Report status of "Untracked Key" in Aperture seems incorrect / inaccurate.

Applies To:

Versions of TPP up to 19.1 (currently)

Summary:

The default SSH report indicates a status of having "Untracked Keys" which may be, or seem, inaccurate:

Screen_Shot_untracked.png

 

Checking the keys in the system indicates that we have what is necessary, according to the documentation, which indicates they should be discovered:

https://docs.venafi.com/Docs/current/TopNav/Content/SSH/c-SSH-key-usage-report-tpp.php

"Alert – provides information on keys untracked in SSH key manager and keys used from unknown client. .... For example, in case of untracked keys, you can install agents on those clients so that the keys will be found during key discovery."  (19.1 documentation)

Cause:

This is actually working as designed, but the documentation is slightly misleading. Simply discovering the certificate isn't enough, we need to also collect and MANAGE the keys as well.  The status of "Untracked" indicates the key is "not managed", not just "not known".

Resolution:

Either ignore the error, or ensure we are actually managing those keys.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments