[jira] [Commented] (KNOX-2631) KnoxSSO for Secure Shell Access

Fri, 21 Oct 2022 06:47:13 -0700 


    [ 
https://issues.apache.org/jira/browse/KNOX-2631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17622284#comment-17622284
 ] 

ASF subversion and git services commented on KNOX-2631:
-------------------------------------------------------

Commit 070ccf3cc62761c33b41dfee7679f22e58357a46 in knox's branch 
refs/heads/dependabot/npm_and_yarn/knox-token-management-ui/scss-tokenizer-and-angular/cli--removed
 from Sandeep Moré
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=070ccf3cc ]

KNOX-2631 - Webshell (#639)

Co-authored-by: 336699github <[email protected]>

> KnoxSSO for Secure Shell Access
> -------------------------------
>
>                 Key: KNOX-2631
>                 URL: https://issues.apache.org/jira/browse/KNOX-2631
>             Project: Apache Knox
>          Issue Type: New Feature
>          Components: Homepage, KnoxSSO
>    Affects Versions: 1.5.0
>            Reporter: Lu Liu
>            Assignee: Lu Liu
>            Priority: Minor
>             Fix For: 2.0.0
>
>          Time Spent: 7h 40m
>  Remaining Estimate: 0h
>
> While Apache Knox aids in helping to lessen the need to gain physical access
> to deployment machines, there are still numerous compelling reasons for users
> to require such access:
> 1. Debugging, log access, etc
> 2. CLI use and automation
> 3. beeline and other clients that are deployed to gateway machines
> Gaining access to a shell for these purposes currently requires the user to 
> have
> an ssh client installed and valid credentials that can be used for ssh, such 
> as:
> username and password or SSH keys. Separate management of credentials for this
> access introduces some additional complexities which may even violate 
> enterprise
> infosec policies and require the secure distribution and management of keys.
> The intent of this proposed improvement is to add a browser based terminal 
> application
> that will provide secure access to a shell on the Knox machine. Just as any 
> resource
> exposed by or hosted by Knox, you would be able to protect access to this 
> terminal
> with any of the available security providers. We would also like to make this
> available out of the box as available from the Knox Homepage. This would make 
> the
> terminal/shell available via KnoxSSO thus providing shell access with your 
> existing
> enterprise credential authenticated SSO session.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to