You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/06/23 11:46:00 UTC

[jira] [Work logged] (KNOX-2631) KnoxSSO for Secure Shell Access

     [ https://issues.apache.org/jira/browse/KNOX-2631?focusedWorklogId=784162&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-784162 ]

ASF GitHub Bot logged work on KNOX-2631:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 23/Jun/22 11:45
            Start Date: 23/Jun/22 11:45
    Worklog Time Spent: 10m 
      Work Description: smolnar82 closed pull request #477: [WIP] KNOX-2631
URL: https://github.com/apache/knox/pull/477




Issue Time Tracking
-------------------

    Worklog Id:     (was: 784162)
    Time Spent: 5.5h  (was: 5h 20m)

> KnoxSSO for Secure Shell Access
> -------------------------------
>
>                 Key: KNOX-2631
>                 URL: https://issues.apache.org/jira/browse/KNOX-2631
>             Project: Apache Knox
>          Issue Type: New Feature
>          Components: Homepage, KnoxSSO
>    Affects Versions: 1.5.0
>            Reporter: Lu Liu
>            Assignee: Lu Liu
>            Priority: Minor
>             Fix For: 2.0.0
>
>          Time Spent: 5.5h
>  Remaining Estimate: 0h
>
> While Apache Knox aids in helping to lessen the need to gain physical access
> to deployment machines, there are still numerous compelling reasons for users
> to require such access:
> 1. Debugging, log access, etc
> 2. CLI use and automation
> 3. beeline and other clients that are deployed to gateway machines
> Gaining access to a shell for these purposes currently requires the user to have
> an ssh client installed and valid credentials that can be used for ssh, such as:
> username and password or SSH keys. Separate management of credentials for this
> access introduces some additional complexities which may even violate enterprise
> infosec policies and require the secure distribution and management of keys.
> The intent of this proposed improvement is to add a browser based terminal application
> that will provide secure access to a shell on the Knox machine. Just as any resource
> exposed by or hosted by Knox, you would be able to protect access to this terminal
> with any of the available security providers. We would also like to make this
> available out of the box as available from the Knox Homepage. This would make the
> terminal/shell available via KnoxSSO thus providing shell access with your existing
> enterprise credential authenticated SSO session.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)