Support Center

JumpCloud Agent is not making system (SSH/MFA) modifications through API during scripted installs


When performing scripted installations of the JumpCloud Agent in orchestrated environments (Amazon EC2, Terraform, etc.), post install modifications performed via the API using system context authentication do not appropriately reflect in all cases (Please refer to JumpCloud APIs for more information).  These values include:
  • "displayName"
  • "allowMultiFactorAuthentication"
  • "allowSshPasswordAuthentication"
  • "allowPublicKeyAuthentication"
  • "allowSshRootLogin"


Due to the architecture of the JumpCloud Agent, this issue generally manifests as a timing issue when the JumpCloud configuration file is parsed during the first initialization, and when the API request is sent to modify the values of the system.


Due to the timing issue, we recommend configuring a sleep value between the JumpCloud installation and the API script calls to allow the agent ample time to finish initialization prior to modification.

When building the deployment script for your environment, JumpCloud recommends creating a sleep value of at least 120 seconds between installation and configuration.


curl --silent --show-error --header "x-connect-key: $JUMPCLOUD_CONNECT_KEY" | bash
sleep 120
curl -iq \
        -d "{ \"allowMultiFactorAuthentication\": true, \"allowSshPasswordAuthentication\": true, \"allowPublicKeyAuthentication\": false, \"allowSshRootLogin\": false }" \
        -X "PUT" \
        -H "Content-Type: application/json" \
        -H "Accept: application/json" \
        -H "Date: ${now}" \
        -H "Authorization: Signature keyId=\"system/${systemKey}\",headers=\"request-line date\",algorithm=\"rsa-sha256\",signature=\"${signature}\"" \

Last Updated: Jun 05, 2018 11:19AM MDT

Related Articles
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found