SSH Certification Authority as Plugin for WaTTS

From Lsdf
Revision as of 15:58, 9 March 2017 by Marcus (talk | contribs)
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Description

In the European Project INDIGO DataCloud [0] we implement authentication and authorization services for the Cloud and for orchestration services to spin up a huge number of virtual servers on demand.

Some users need to get access to these VMs via SSH. Remote access to VMs is usually done through the secure shell (ssh [1]).

Managing all the permissions in a very dynamic environment is hard.

The goal of this project is to develop a plugin for WaTTS [2], the INDIGO Token Translation Service, that functions as a SSH-CA, so that only one public key needs to be deployed on all VMs.

Tasks

  • understanding ssh-ca
  • getting familiar with WaTTS and how to implement a plugin
  • implement the plugin

Requirements

  • good knowledge of Linux
  • working with the command line
  • programming experience e.g. python or go

References

[0] https://www.indigo-datacloud.eu/
[1] https://en.wikipedia.org/wiki/Secure_Shell
[2] https://www.gitbook.com/book/indigo-dc/token-translation-service/details
[3] https://watts-dev.data.kit.edu
[3] https://github.com/cloudtools/ssh-cert-authority

Contact

Bas.Wegh@kit.edu

Retrieved from "https://wiki.scc.kit.edu/lsdf/index.php?title=SSH_Certification_Authority_as_Plugin_for_WaTTS&oldid=4750"