
Difference between revisions of "OWASP KeyBox"

(Repository)
Line 39: Line 39:
 
[mailto:[email protected] Sean Kavanagh]
 
[mailto:[email protected] Sean Kavanagh]
  
== Repository ==
+
== Links ==
 
[https://github.com/skavanagh/KeyBox KeyBox on Github]
 
[https://github.com/skavanagh/KeyBox KeyBox on Github]
 +
[http://sshkeybox.com Website]
  
 
==Classifications==
 
==Classifications==
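
Review bot: the added `[http://sshkeybox.com Website]` line sits directly under the GitHub link with no list marker or blank line between them, so MediaWiki joins both links into one paragraph; the rendered revision shows them run together as "KeyBox on Github Website". Put each link on its own `*` bullet under `== Links ==`. The new link is also plain http while the GitHub link next to it is https, so link the site over https if it is served that way.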

Revision as of 13:34, 13 March 2015


OWASP KeyBox Project

KeyBox is a web-based SSH console that centrally manages administrative access to systems. It combines key management and administration through profiles assigned to defined users. KeyBox layers TLS/SSL on top of SSH and can act as a bastion host.

Description

KeyBox is a web-based SSH console that centrally manages administrative access to systems. KeyBox combines key management and administration through profiles assigned to defined users.

Administrators can log in using two-factor authentication with FreeOTP or Google Authenticator. From there they can create and manage public SSH keys or connect to their assigned systems through a web-shell. Commands can be shared across shells to make patching easier and eliminate redundant command execution.

KeyBox layers TLS/SSL on top of SSH and acts as a bastion host for administration. Protocols are stacked (TLS/SSL + SSH) so infrastructure cannot be exposed through tunneling / port forwarding. More details can be found in the following whitepaper: The Security Implications of SSH. Also, SSH key management is enabled by default to prevent unmanaged public keys and enforce best practices.

Licensing

Apache 2.0

Quick Download

Download now

Project Leader

Sean Kavanagh

Links

KeyBox on Github Website

Classifications

Tool
Incubator Project
Defenders
Apache 2.0

News and Events

  • I have a reverse-proxy that already terminates TLS/SSL, how do I disable TLS/SSL?
In the jetty directory edit the start.ini file and set
--module=https
to
--module=http
Then change jetty.port=8443 to the needed port and restart. More information on Jetty can be found in the Jetty Documentation.
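
With TLS turned off in Jetty, the hop between the reverse proxy and KeyBox is cleartext, so the HTTP connector should only be reachable from the proxy. The following shell check is an added example, not part of the KeyBox project or this wiki page: it classifies a start.ini after the change above. The `jetty.host` bind-address property, the verdict names and the sample files are assumptions of this example.

```shell
#!/bin/sh
# Added example (not KeyBox project code): classify how a Jetty start.ini
# exposes KeyBox after the https -> http change from the FAQ entry.
# Verdicts: tls | http-loopback | http-exposed | unknown

# has_module FILE NAME: is NAME enabled on an uncommented --module line?
has_module() {
    grep -Eq -e "^--module=([^#]*,)?$2(,.*)?[[:space:]]*\$" "$1"
}

# ini_value FILE KEY: last uncommented KEY=value, whitespace trimmed.
ini_value() {
    awk -F= -v k="$2" '$1 == k { v = $2 }
        END { gsub(/^[ \t]+|[ \t\r]+$/, "", v); print v }' "$1"
}

audit_start_ini() {
    ini="$1"
    if has_module "$ini" https; then
        echo tls                      # Jetty itself still terminates TLS
    elif has_module "$ini" http; then
        # Assumption: jetty.host is the bind-address property that pairs
        # with the jetty.port setting named on the page.
        case "$(ini_value "$ini" jetty.host)" in
            127.0.0.1|localhost|::1) echo http-loopback ;;  # proxy-only
            *) echo http-exposed ;;   # cleartext port not pinned to loopback
        esac
    else
        echo unknown
    fi
}

# Constructed sample files, not taken from a real deployment.
demo=$(mktemp -d)
printf '%s\n' '--module=server' '--module=https' 'jetty.port=8443' > "$demo/default.ini"
printf '%s\n' '--module=server' '--module=http' 'jetty.port=8080' > "$demo/proxied.ini"
printf '%s\n' '--module=server' '--module=http' 'jetty.host=127.0.0.1' \
    'jetty.port=8080' > "$demo/pinned.ini"
for name in default proxied pinned; do
    printf '%s: %s\n' "$name" "$(audit_start_ini "$demo/$name.ini")"
done
rm -rf "$demo"
```

An `http-exposed` verdict means the plain-HTTP port also needs a host firewall rule or a loopback bind before the proxy is put in front of it.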

Contributors

Sean Kavanagh

Special Thanks

JSch Java Secure Channel - by ymnk

term.js A terminal written in JavaScript - by chjj

Road Map

Add the ability to save session and command-line information to a large data store so it can be audited and reviewed. Compute and flag irregularities that could point to security issues or improper use. Deploy to embedded network devices to act as a proxy for SSH connections.

Getting Involved

KeyBox is currently packaged along with a web server and can be downloaded from GitHub:

https://github.com/skavanagh/KeyBox/releases