SSH Certification Authority as Plugin for WaTTS

From Lsdf
Revision as of 15:50, 9 March 2017 by Bas.wegh (talk | contribs) (Created page with "= Description = The INDIGO DataCloud [0] implements authentication and authorization services for the Cloud as well as orchestrating services to spin up a huge number of virtu...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Description

The INDIGO DataCloud [0] implements authentication and authorization services for the Cloud as well as orchestrating services to spin up a huge number of virtual servers on demand. Some users might need to get access to these VMs, maybe even for a limited of time. Usually remote access to VMs is done through the secure shell (ssh [1]). Managing all the accesses in a very dynamic environment is hard to manage.

The goal of this project is to develop a plugin for WaTTS [2], the INDIGO Token Translation Service, that functions as a SSH-CA, so that only one public key needs to be deployed on all VMs.

Tasks

  • understanding ssh-ca
  • getting familiar with WaTTS and how to implement a plugin
  • implement the plugin

Requirements

  • good knowledge of Linux
  • working with the command line
  • programming experience e.g. python or go

References

[0] https://www.indigo-datacloud.eu/
[1] https://en.wikipedia.org/wiki/Secure_Shell
[2] https://www.gitbook.com/book/indigo-dc/token-translation-service/details
[3] https://watts-dev.data.kit.edu
[3] https://github.com/cloudtools/ssh-cert-authority

Contact

Bas.Wegh@kit.edu

Retrieved from "https://wiki.scc.kit.edu/lsdf/index.php?title=SSH_Certification_Authority_as_Plugin_for_WaTTS&oldid=4748"