From 3debee13f920228ff53642fb37dc75e07c69c358 Mon Sep 17 00:00:00 2001 From: Jeff Mitchell Date: Wed, 10 Aug 2022 19:05:21 -0400 Subject: [PATCH] Update changelog --- CHANGELOG.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7fdf55ad5d..cdd1805fd4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,11 +6,19 @@ Canonical reference for changes, improvements, and bugfixes for Boundary. ### New and Improved -* `boundary connect` Credential Brokering Integration: we have extended - integration into the `boundary connect` helpers. When using the `ssh` helper - if the brokered credentials contain a `ssh_private_key` type the command will - automatically pass the credentials to the `ssh` process - ([PR](https://github.com/hashicorp/boundary/pull/2267)). +* `ssh` Target Type With Credential Injection (HCP Boundary only): Boundary has + gained a new `ssh` target type. Using this type, username/password or SSH + private key credentials can be sourced from `vault` credential libraries or + `static` credentials and injected into the SSH session between a client and + end host. This allows users to securely SSH to remote hosts while never being + in possession of a valid credential for that target host. +* SSH Private Key Credentials: There is now an `ssh_private_key` credential type + that allows submitting a username/private key (and optional passphrase) to + Boundary for use with credential injection or brokering workflows. +* `boundary connect ssh` Credential Brokering Enhancements: we have extended + support into the `boundary connect ssh` helper for brokered credentials of + `ssh_private_key` type; the command will automatically pass the credentials to + the `ssh` process ([PR](https://github.com/hashicorp/boundary/pull/2267)). * `boundary authenticate`, `boundary accounts`: Enables use of `env://` and `file://` syntax to specify location of a password ([PR](https://github.com/hashicorp/boundary/pull/2325))