JumpServer PAM » Documentation » Administrating » Creating Accounts and SSH Keys on the Target System (Push Accounts)

Creating Accounts and SSH Keys on the Target System (Push Accounts)

JumpServer can automatically create accounts and SSH keys on target systems with specified parameters.

Any actions performed on target systems—such as creating accounts or SSH keys, discovering accounts, changing passwords, or rotating SSH keys—are executed by JumpServer on behalf of a privileged account that is added to your asset. This account must be marked as "Privileged" in its account properties:

2uk9xB3BqJt3d8dU-izobrazenie.png

If your asset does not have at least one account marked as Privileged, JumpServer will not attempt to perform any tasks related to account management.

How Push Account Works

  1. If the account does not exist on the target system and does not exist in the JumpServer account list, it will be created on the target system and added to JumpServer.

  2. If the account exists on the target system and exists in the JumpServer account list, nothing will happen — even if the passwords do not match.

  3. If the account exists on the target system but is not present in the JumpServer account list, the password on the target system will be changed (according to the password settings in the task), and the account will be added to JumpServer.

  4. If the account does not exist on the target system but is present in the JumpServer account list, the account will be created on the target system using the same password that is configured in JumpServer.

Creating an Account or SSH Key

Navigate to PAM → Push Accounts, open the Account push task tab, click Create, and fill in the required parameters:

Assets

Select one or multiple assets where the accounts or SSH keys will be created.

Nodes

Select a folder containing assets. JumpServer will attempt to create accounts on all assets located in the selected folder(s).

Accounts

Enter the usernames that will be created on all selected assets.

Secret strategy

  • Specified Secret — manually set a new password

  • Random generate — automatically generate a password

Password rules

Define the parameters for password generation.

Push parameters

Available only for host-type assets. Additional parameters for creating accounts on Linux systems.

Periodic

Enable periodic execution of the account creation task.

<< Automatic privilege escalation when connecting via SSH Discovering Unmanaged Accounts (Discover Accounts) >>

Need help?

Support during the JumpServer PAM Enterprise Edition pilot

Have you started testing JumpServer PAM EE and encountered an issue? Our process includes organizing email threads or Telegram groups for prompt issue resolution. If you are sure you were not added to such a group, please contact your supplier or reach out to us at support@afi-d.ru

Training for your specialists on configuring and administering JumpServer PAM

As part of an active technical support subscription, we will train your specialists in installation, configuration, administration of JumpServer PAM, as well as recovery from errors and incidents.

Training is conducted online, according to a pre-agreed plan, and includes mandatory practical knowledge verification with the issuance of personalized certificates (upon successful exam completion).

Video tutorials

Visit our channel on YouTube with video tutorials covering the configuration of all JumpServer PAM sections. The videos are in Russian and are updated with each new release.

Technical support for the free JumpServer PAM Community Edition

The idea of implementing a complex but business-critical PAM system can be intimidating due to the perceived complexity of setup, administrator and security team training, and changes to account management processes.

To make the deployment and configuration of JumpServer Community Edition comfortable, and to ensure you can always rely on professional assistance, AFI Distribution offers an annual technical support subscription.

The support package priced at 1.5 million RUB per JumpServer Community Edition instance (with no limits on the number of users or target systems) includes everything required to use PAM:

  • Russian-language documentation;
  • usage scenarios and recommended deployment architectures;
  • training for administrators and information security specialists on working with JumpServer;
  • tips and solutions for common questions;
  • notifications about new releases with verified upgrade instructions;
  • integration with RADIUS and multi-factor authentication “Multifactor” ;
  • direct access to an engineer (no first-line support) with a clear SLA.
Learn more and make a purchase on the Technical support subscription page
JumpServer PAM — privileged access management and secure access for contractors

JumpServer — a PAM solution with the largest user base, a full set of in-demand features, and excellent technical support.

The developer is Fit2Cloud; its mission is to keep the cost of high-quality privileged access and password management solutions affordable.

JumpServer.org

AFI Distribution LLC is a distributor of solutions for security and automation of computer networks.

Our specialists and partner integrators will help you: provide consultations, estimate projects, deploy solutions in networks of any scale, and train your staff.

AFI-Distribution.com

HERCEGOVAČKA 21
11000, Beograd, Srbija


Phone: +381 67 755 69 32
Phone: +381 67 755 29 63
E-mail: info@jumpserver-pam.com
TG: @JumpServerPAM_English

Prices listed on the website are recommended and do not include taxes, fees and additional options.