Installing Privileged Access for SSH

Deploy the Gateway and configure SSH access using the Twingate Terraform provider.

The recommended way to install Privileged Access for SSH is with the Twingate Terraform provider, which publishes complete, runnable examples. Each guide includes the full Terraform configuration, startup scripts, and step-by-step deployment instructions for a specific cloud.

Prerequisites

A Twingate account with administrator privileges
A Remote Network
The Twingate Client meeting the minimum version requirements
Terraform installed

Terraform quick-start guides

These guides use a local SSH CA for simplicity, where the Gateway holds the CA private key and signs certificates directly. This is a good way to try out SSH access through the Gateway.

Local SSH CA on AWS — Deploy a Gateway with SSH access on AWS.
Local SSH CA on DigitalOcean — Deploy a Gateway with SSH access on DigitalOcean.
Local SSH CA on GCE — Deploy a Gateway with SSH access on Google Compute Engine.

Vault as SSH CA

For production deployments, the Gateway can use HashiCorp Vault’s SSH secrets engine to sign certificates instead of a local CA. See the Vault integration guide for setup instructions.

Next steps

After the Gateway is running and your SSH Resources are accessible, see Remote development with Twingate SSH for IDE setup with VS Code, JetBrains Gateway, and Cursor.

Last updated 48 minutes ago

Search