KIT | KIT-Bibliothek | Impressum | Datenschutz

Certificate-based OpenSSH for Federated Identities

Brocke, Lukas 1
1 Scientific Computing Center (SCC), Karlsruher Institut für Technologie (KIT)

Abstract:

Despite being the most widely used Secure Shell Protocol (SSH) implementation, OpenSSH
only supports a very limited number of authentication mechanism including passwords,
public keys, and Kerberos. The extension of OpenSSH with support for authentication
using federated identities addresses the security risks associated with password-based
authentication, prevents cumbersome management of public keys, and streamlines user
management by enabling Single Sign-On (SSO) capabilities across diverse systems and
platforms. We present oinit, a collection of programs extending OpenSSH to support
any OpenID Connect identity provider for authentication. Our certificate-based solution
integrates seamlessly with standard OpenSSH and does not require any changes in users’
existing workflows or used programs.

Zugehörige Institution(en) am KIT Scientific Computing Center (SCC)
Publikationstyp Hochschulschrift
Publikationsdatum 29.09.2023
Sprache Englisch
Identifikator KITopen-ID: 1000165236
HGF-Programm 46.21.02 (POF IV, LK 01) Cross-Domain ATMLs and Research Groups
Verlag Karlsruher Institut für Technologie (KIT)
Umfang iv, 62 S.
Art der Arbeit Abschlussarbeit - Master
Prüfungsdaten 29.9.2023
Schlagwörter Federated Identity Management, IAM, AAI, SSH, Secure Shell, SSH-Certificates
Referent/Betreuer Streit, Achim
Neumair, Bernhard
Hardt, Marcus

Volltext §
DOI: 10.5445/IR/1000165236
Veröffentlicht am 05.12.2023
Seitenaufrufe: 153
seit 06.12.2023
Downloads: 266
seit 15.12.2023
Cover der Publikation
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page