Add the HashiCorp GPG key.
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
Add the official HashiCorp Linux repository.
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
Update and install.
sudo apt-get update && sudo apt-get install boundary
Create user & group
adduser --system --group boundary
Grant permissions on files
chown -R boundary:boundary /etc/boundary.d
chown boundary:boundary /usr/bin/boundary
Create config file by editing /etc/boundary.d/controller.hcl
use controller.hcl as example.
Init databese
/usr/bin/boundary database init -config /etc/boundary.d/controller.hcl
Fix rights on service file
chmod 664 /etc/systemd/system/boundary.service
Enable and run Boundary controller
systemctl daemon-reload
systemctl enable boundary
systemctl start boundary
Add the HashiCorp GPG key.
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
Add the official HashiCorp Linux repository.
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
Update and install.
sudo apt-get update && sudo apt-get install boundary
Create user & group
adduser --system --group boundary
Grant permissions on files
chown -R boundary:boundary /etc/boundary.d
chown boundary:boundary /usr/bin/boundary
Create config file by editing /etc/boundary.d/worker.hcl
use worker.hcl as example.
Download
After installation, auth using login and password and change password to your desire
Select target -> Connect -> In terminal you can ssh to 127.0.0.1
and ${PORT}
ex:
ssh 127.0.0.1 -p 54321 -l username -i /path/to/ssh/key
Fix rights on service file
chmod 664 /etc/systemd/system/boundary.service
Enable and run Boundary controller
systemctl daemon-reload
systemctl enable boundary
systemctl start boundary
Get auth-method ID. You will need it to log in
export BOUNDARY_ADDR=https://boundary.pinesoftware.com.cy:9200
boundary auth-methods list
Choose one with Pine name. And authenticate with your login/password
boundary authenticate password -auth-method-id ${AUTH_ID} -login-name ${USER_NAME}
Now find the scope that you want to use.
boundary scopes list
As always, select the scope ID of the DC. Now get the scope ID of the "project". In our case, its environment
boundary scopes list -scope-id ${DC_SCOPE_ID}
Select host scope ID Now list host catalogs and get hosts
boundary host-catalogs list -scope-id ${PROJECT_ID}
Get target ID
boundary targets list -scope-id ${PROJECT_ID}
Select the host ID and connect to it
boundary connect ssh -host-id ${HOST_ID} -target-id ${TARGET_ID}$ -- -l user_name -i /path/to/ssh/key