Add host credentials and gain insights into discovered hosts and associated resources.

CAUTION: Using each SSH and WinRM credential you provide, Puppet Discovery attempts to authenticate with each discovered host until a successful authentication is achieved.  This process is repeated every 30 minutes.  Depending on the configuration of your network management and security sensors, Puppet Discovery's activities may trigger alerts or an active response.

There are a number of methods available for adding credentials. To add an individual SSH or WinRM credential, enter the credential username and password. To add multiple SSH credentials, upload SSH private key files, and enter the username and password for each credential.

Tip: Each time a credential is added, the discovery run starts automatically.

SSH username and passwords

SSH username and password are used to discover resources and resource instances, and to run tasks on your Linux hosts.

Important: To discover containers, your Linux credentials must be for the root account or an account that is a member of the Docker group, and the version of curl running on each target host must include the --unix-socket parameter. For more information, see managing Docker.
  1. On the menu bar, select Act > Add credential, and then click SSH username and password.
    Tip: To view your current credentials, or to add more credentials, click Settings > Manage credentials.
  2. In the Name field, enter a unique and descriptive name.
  3. Assign a scope to the SSH credential:
    • Discover: This credential scope is valid only for discovering resources on your Linux hosts.

    • Tasks: This credential is valid only for running tasks on your Linux hosts. No attempts are made to discover resources.

  4. In the Username field, enter your SSH username.
  5. In the Password field, enter your SSH password, and then click Add credential.

SSH private key files

Upload a SSH private key file to discover resources and resources instances, and to run tasks on your Linux hosts.

Important: To discover containers, your Linux credentials must be for the root account or an account that is a member of the Docker group, and the version of curl running on each target host must include the --unix-socket parameter. For more information, see managing Docker.
  1. On the menu bar, select Act > Add credential, and then click SSH private key file.
    Tip: To view your current credentials, or to add more credentials, select Settings > Manage credentials.
  2. On the Upload your SSH private key file page, click Browse, select your files, and then click Open.
    Tip: To upload multiple private key files, select the files pressing the ctrl key.
  3. Click Configure keys to continue to the Your SSH private key files page.
  4. In the Username field, enter your SSH username.
  5. In the Passphrase field, enter your SSH passphrase, or leave it blank if your key is not encrypted.
  6. Assign a scope to each SSH credential:
    • Discover: This credential scope is valid only for discovering resources on your Linux hosts.

    • Tasks: This credential is valid only for running tasks on your Linux hosts. No attempts are made to discover resources.

  7. Click Add keys.

WinRM credentials

WinRM credentials are used to discover resources and resource instances, and to run tasks on your Windows hosts.

To discover resources on your Windows hosts, you must enable WinRM access on each host by running the following commands:


                    winrm quickconfig
y
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}'
                
Note: Include the winrm set winrm/config/service '@{AllowUnencrypted="true"}' command, if you want to enable the HTTP fallback option. See step 6 below.
  1. On the menu bar, select Act > Add credential, and then click WinRM.
    Tip: To view your current credentials, or to add more credentials, click Settings > Manage credentials.
  2. In the Name field, enter a unique and descriptive name.
  3. Assign a scope to the WinRM credential:
    • Discover: This credential scope is valid only for discovering resources on your Windows hosts.

    • Tasks: This credential is valid only for running tasks on your Windows hosts. No attempts are made to discover resources.

  4. In the Username field, enter your WinRM username.
  5. In the Password field, enter your WinRM password.
  6. Select HTTP fallback to permit using NTLM authentication over HTTP, if the default NTLM authentication over HTTPS fails.
  7. Click Add credential.
Back to top