Information on compatible SSH servers
This page is updated regularly as we add more support across different operating systems, SSH vendors and versions. The matrix shows the SSH vendor and version, on which operating system it was tested and the key management integration method used.
|Operating System||Version||Integration Notes|
|Windows 2019||7.7||Task Scheduler|
|Windows 2022||8.1||Task Scheduler|
|macOS Big Sur||8.1|
|Centos 7||Cronjob (SELinux)|
|Oracle Linux||9||Cronjob (SELinux)|
|Amazon Linux 2||7.4|
These are some of the issues we have encoutered during testing.
If you experience issues with Fedora failing to install the helper program, you should check that the FreeType package is installed. It can be installed on Fedora using:
yum install freetype
This issue may not affect all Fedora installations; testing was performed on a minimum server installation where FreeType was not installed by default.
Some flavours of Linux install with SELinux enabled in enforcing mode. This configuration requires complex policy configuration for the sshd process to execute the AuthorizedKeysCommand. So to avoid this blocking the provisioning of these servers, our kdeploy command will force the use of the task scheduler (cron) to synchronize keys on an hourly basis.
When kdeploy attempts to authenticate with your server, it will try and use identities in your .ssh folder and identities stored in your local sshagent. Having too many identities stored in either of these locations might cause the server to reject the connection with the “Too many authentication failures”.
You can disable the automatic use of .ssh identities by adding the -I flag to your kdeploy command line and disable sshagent identities with the -D flag.