OpenSSH Certificate Authorities by Tim Fletcher
OpenSSH is installed on nearly every virtual machine, physical server and IoT device. OpenSSH is a critical systems administration tool, used to manage everything from the server in the shed to continent spanning collections of systems.
Logging in to OpenSSH quickly and securely is normally done with keys, sometimes using strong passwords and hardware key storage but all too often left lying about on laptops.
Managing the list of keys and permissions for an organisation of more than a handful of people rapidly gets challenging; tracking who has used which key to do what even more so.
Using the CA feature of OpenSSH it is possible to remove all this complexity, and leverage OpenSSH to enforce your central policies and provide you with strong audit trails.
Would you like to be able to issue an ssh certificate that allows Joe the new engineer to log in only to the systems he’s managing, is only valid for a week, and stops him forwarding ports to dodge your firewall? Would you like to be able to do that without touching any of the systems he’s managing?
Would you like a way for your 2 on-call engineers to log in for 5 minutes to that one critical system, but only if they both agree it’s a good idea, without waking you up at 3am?
About FLOSS Spring Conference: The Spring Conference is the UK’s longest running event supporting systems and network administrators. But as FLOSSUK has evolved to support open networks, software, hardware and data so our primary conference has become open to submissions on these areas.
About FLOSSUK: Floss stands for Free and Libre Open Source Software, however as an organisation we also support Open Technology and Open Data so we like to think our name can also mean Free and Libre Open Source Systems. The term Libre is used because the meaning of Free in English is ambiguous. It can mean both free as in gratis – ‘a free lunch’ and the freedom to take what is already known and given and be able to build upon it. Libre means ‘at Liberty’ it means to use, to change, to build upon not to be in receipt without gratis.
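As an added illustration (not taken from the talk), the "Joe" scenario in the description can be reproduced with stock `ssh-keygen`: a user CA signs Joe's public key with a one-week validity, a single principal, and port forwarding disabled. The key ID `joe-week-cert`, the principal `web-admins` and the file names are constructed for this example, and it assumes the target servers already trust the CA via `TrustedUserCAKeys` and map the principal to accounts with `AuthorizedPrincipalsFile` in `sshd_config`, which is why no server needs touching at issue time.

```shell
#!/bin/sh
# Added example: every name below (joe, web-admins, joe-week-cert, file names)
# is constructed for illustration.

issue_joe_cert() {
    dir=$(mktemp -d) || return 1

    # User CA key pair. In production the private half stays offline or in
    # hardware; only user_ca.pub is distributed to servers.
    ssh-keygen -q -t ed25519 -N '' -C 'example-user-ca' -f "$dir/user_ca" || return 1

    # Joe's own key pair; only joe.pub is ever shown to the CA.
    ssh-keygen -q -t ed25519 -N '' -C 'joe' -f "$dir/joe" || return 1

    # Sign Joe's public key:
    #   -I  key ID recorded in sshd logs for every login (audit trail)
    #   -n  principal(s) the certificate is valid for
    #   -V  validity window, here one week from now
    #   -O  drop the port-forwarding permission granted by default
    #   -z  serial number, useful for later revocation
    ssh-keygen -q -s "$dir/user_ca" -I joe-week-cert -n web-admins \
        -V +1w -O no-port-forwarding -z 1 "$dir/joe.pub" || return 1

    # Print the certificate contents so the restrictions can be checked.
    ssh-keygen -L -f "$dir/joe-cert.pub"
    rc=$?
    rm -rf "$dir"
    return $rc
}

issue_joe_cert
```

In the printed certificate, `permit-port-forwarding` is absent from the Extensions list while the other default permissions remain, and the `Valid:` line shows the one-week window.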