SSH Certification Authority as Plugin for WaTTS

From Lsdf
Revision as of 15:52, 9 March 2017 by Bas.wegh (talk | contribs)
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Description

The INDIGO DataCloud [0] implements authentication and authorization services for the Cloud as well as orchestrating services to spin up a huge number of virtual servers on demand. Some users might need to get access to these VMs, maybe even for a limited of time. Usually remote access to VMs is done through the secure shell (ssh [1]). Managing all the permissions in a very dynamic environment is hard.

The goal of this project is to develop a plugin for WaTTS [2], the INDIGO Token Translation Service, that functions as a SSH-CA, so that only one public key needs to be deployed on all VMs.

Tasks

  • understanding ssh-ca
  • getting familiar with WaTTS and how to implement a plugin
  • implement the plugin

Requirements

  • good knowledge of Linux
  • working with the command line
  • programming experience e.g. python or go

References

[0] https://www.indigo-datacloud.eu/
[1] https://en.wikipedia.org/wiki/Secure_Shell
[2] https://www.gitbook.com/book/indigo-dc/token-translation-service/details
[3] https://watts-dev.data.kit.edu
[3] https://github.com/cloudtools/ssh-cert-authority

Contact

Bas.Wegh@kit.edu

Retrieved from "https://wiki.scc.kit.edu/lsdf/index.php?title=SSH_Certification_Authority_as_Plugin_for_WaTTS&oldid=4749"