USENIX LISA 2013 Managing Access Using SSH Keys [video]

Contributed by tbert on 2013-12-18 from the a-usenix-conference-for-an-old-apple-product dept.

Tatu Ylönen invented the Secure Shell (SSH) protocol in 1995 and even the history of OpenSSH mentions how OpenSSH is a derivative of the original free ssh 1.2.12 he released. He is also the founder and CEO of SSH Communications Security which sells a commercial version of ssh. A few more details can be found on the USENIX LISA 2013 page for "Managing Access Using SSH Keys" but the audio and video files are linked below.

SSH user keys are ubiquitously used for accessing information systems by automated processes and system administrators. Many large organizations have hundreds of thousands of keys granting access, with many keys providing privileged access without auditing or controls. The talk educates the audience about risks arising from unmanaged access using SSH keys; discusses what is required by compliance mandates; outlines how to establish effective operational processes for provisioning, terminating, and monitoring SSH user key based access; and outlines how to understand and remediate SSH user keys in an existing environment.

Editor's note: This talk is, in no small part, a push for a commercial product; the issues raised in regards to lax management of SSH keys, however, are valid enough to warrant careful consideration of one's own key regime.

Available audio and video formats:
Video MP4 | Video WEBM | Audio MP3 | Audio OGG

(Comments are closed)

Latest Articles

Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (8)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (2)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]