Skip to content

Keystash Agent

The Keystash Agent runs on your Linux servers to manage users, SSH keys, and security configurations. This guide covers everything you need to know about the agent.

Hardware Requirements

The Keystash Agent is designed to be lightweight and efficient, requiring minimal system resources to operate effectively.

Minimum Requirements

Resource Requirement Notes
RAM 20 MB Peak memory usage during user synchronization
CPU 1 core Any speed; agent is not CPU intensive
Disk Space 45 MB Includes agent and configuration

Detailed Resource Usage

Memory Usage

  • Base usage: 5 MB
  • Peak usage: Up to 20 MB during:
    • User synchronization
    • SSH key updates
    • Two-factor authentication configuration

CPU Usage

  • Idle: <0.1% of one core
  • Active: Brief spikes during:
    • User updates
    • Configuration changes
    • Key synchronization
  • No multi-core optimization needed

Disk Space Breakdown

  • Agent binary: 45 MB
  • Configuration: 0.1 MB

While the agent can run with minimal resources, we recommend:

  • 40 MB RAM allocation for optimal performance
  • 100 MB disk space for logs and future updates
  • Network bandwidth: 1 Mbps or higher

Tip

The agent is designed to run efficiently in resource-constrained environments like containers and virtual machines.

Software Requirements

The Keystash Agent has different dependencies based on your Linux distribution. All packages are installed automatically through the package manager during installation.

Supported Distributions

  • AlmaLinux 8 and newer
  • Amazon Linux 2
  • Amazon Linux 2023 and newer
  • CentOS 7 and newer
  • Fedora Server 34 and newer
  • Debian 10 and newer
  • Oracle Linux 7 and newer
  • Redhat Enterprise Linux 7 and newer
  • Rocky Linux 8 and newer
  • Ubuntu 18.04 and newer

Debian/Ubuntu Requirements

  • sudo: For managing user permissions and access
  • openssl: For SSH key and cryptographic operations
  • libpam-google-authenticator: Version 20170702-2 or newer for Two-Factor Authentication support
  • systemd: For service management

RHEL/CentOS/Fedora Requirements

  • sudo: For managing user permissions and access
  • openssl: For SSH key and cryptographic operations
  • systemd: For service management
  • (Included with Keystash) otp-authenticator: For Two-Factor Authentication support

Note

The Keystash Agent conflicts with the google-authenticator package on RHEL-based systems. If this package is installed, it will be automatically removed during the Keystash installation.

System Requirements

  • Architecture: x86_64/amd64 (64-bit) and Aarch64/ ARM64 (64-bit) systems only

  • Package Manager:

    • Debian/Ubuntu: apt and dpkg
    • RHEL/CentOS/Fedora: yum or dnf

  • Systemd: Required for service management

  • SSL/TLS: Required for secure communication with Keystash servers

Warning

32-bit (i386/i686) systems are not supported. Ensure you are running a 64-bit operating system before installation.