Since 2022, ISW is migrating to a more secure setup. Instead of sharing passwords via a Password Manager, we now use Vault to create OTP or sign ssh keys to give temporary access to a machine. This gives a lot security benefits, old members for example can no longer access those systems.
What is supported?
To see if the machine supports Vault login, go to the correct documentation page in the sysadmin documentation wiki. On the "Information" table you should see an entry which states the available Vault authentication methods. If a role is specified, you will need to use that role to login.
In this example, both OTP and SSH keys are supported. However you can only use the kubernetes role when signing in.
Logging in via OTP's
This login method is the most complex, it uses an extra helper for PAM to see if a password should be allowed. You can generate a password that can only be used once to login on the device.