Boundary
Run and log in to Boundary
To start Boundary in dev mode:
$ boundary dev
Log in to Boundary
Boundary uses a predictable login name (admin
) and password (password
) in
dev mode. These can be overridden, or randomly generated, with flags to
boundary dev
. The auth method resource in the global scope is set as the primary auth method for that scope. This allows you to omit the auth method ID when authenticating, enabling the short-form boundary authenticate
:
$ boundary authenticate
Please enter the login name (it will be hidden):
Please enter the password (it will be hidden):
If you are on Windows or macOS, the system password store will be used to store
the new token. On any other operating system, you may get an error indicating
that the token could not be stored. Boundary defaults to using
pass on these machines, which uses GNU
Privacy Guard to encrypt values. If it is not available,
the token will be displayed and can be stored in a system of your choice and
passed in via the BOUNDARY_TOKEN
environment variable.
It is recommended to make use of pass
or another alternative (such as any
implementation of the freedesktop.org Secret Service feature). Installation and
configuration of pass
or other alternatives is beyond the scope of this
article; consult the documentation for pass
or your specific OS distribution
help pages.
Note that if -format json
is used on this command, Boundary will not save the
token to the system password store. In this case, the authentication information
will only be printed to your terminal in JSON format. You can use the
BOUNDARY_TOKEN
environment variable or -token
flag to provide the token in
subsequent commands.
Next steps
See connecting to your first target for how to use Boundary to run your first SSH session.