You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Larry McCay (Jira)" <ji...@apache.org> on 2021/10/09 18:46:00 UTC

[jira] [Updated] (KNOX-2631) KnoxSSO for Secure Shell Access

     [ https://issues.apache.org/jira/browse/KNOX-2631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Larry McCay updated KNOX-2631:
------------------------------
    Fix Version/s:     (was: 1.6.0)
                   2.0.0

> KnoxSSO for Secure Shell Access
> -------------------------------
>
>                 Key: KNOX-2631
>                 URL: https://issues.apache.org/jira/browse/KNOX-2631
>             Project: Apache Knox
>          Issue Type: New Feature
>          Components: Homepage, KnoxSSO
>    Affects Versions: 1.5.0
>            Reporter: Lu Liu
>            Assignee: Lu Liu
>            Priority: Minor
>             Fix For: 2.0.0
>
>          Time Spent: 2h 40m
>  Remaining Estimate: 0h
>
> While Apache Knox aids in helping to lessen the need to gain physical access
> to deployment machines, there are still numerous compelling reasons for users
> to require such access:
> 1. Debugging, log access, etc
> 2. CLI use and automation
> 3. beeline and other clients that are deployed to gateway machines
> Gaining access to a shell for these purposes currently requires the user to have
> an ssh client installed and valid credentials that can be used for ssh, such as:
> username and password or SSH keys. Separate management of credentials for this
> access introduces some additional complexities which may even violate enterprise
> infosec policies and require the secure distribution and management of keys.
> The intent of this proposed improvement is to add a browser based terminal application
> that will provide secure access to a shell on the Knox machine. Just as any resource
> exposed by or hosted by Knox, you would be able to protect access to this terminal
> with any of the available security providers. We would also like to make this
> available out of the box as available from the Knox Homepage. This would make the
> terminal/shell available via KnoxSSO thus providing shell access with your existing
> enterprise credential authenticated SSO session.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)