Difference between revisions of "SSH Certification Authority as Plugin for WaTTS"

From Lsdf
 
Line 26: Line 26:
   
 
= Contact =
 
= Contact =
[mailto:Bas.Wegh@kit.edu Bas.Wegh@kit.edu]
+
[mailto:uros.stevanovic@kit.edu uros.stevanovic@kit.edu]

Latest revision as of 10:42, 27 October 2017

Description

In the European Project INDIGO DataCloud [0] we implement authentication and authorization services for the Cloud and for orchestration services to spin up a huge number of virtual servers on demand.

Some users need to get access to these VMs via SSH. Remote access to VMs is usually done through the secure shell (ssh [1]).

Managing all the permissions in a very dynamic environment is hard.

The goal of this project is to develop a plugin for WaTTS [2], the INDIGO Token Translation Service, that functions as a SSH-CA, so that only one public key needs to be deployed on all VMs.

Tasks

  • understanding ssh-ca
  • getting familiar with WaTTS and how to implement a plugin
  • implement the plugin

Requirements

  • good knowledge of Linux
  • working with the command line
  • programming experience e.g. python or go

References

[0] https://www.indigo-datacloud.eu/
[1] https://en.wikipedia.org/wiki/Secure_Shell
[2] https://www.gitbook.com/book/indigo-dc/token-translation-service/details
[3] https://watts-dev.data.kit.edu
[3] https://github.com/cloudtools/ssh-cert-authority

Contact

uros.stevanovic@kit.edu