This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP KeyBox"

From OWASP
Jump to: navigation, search
(Links)
(News and Events)
Line 61: Line 61:
 
== News and Events ==
 
== News and Events ==
 
<span style="color:#ff0000">
 
<span style="color:#ff0000">
 +
* 2015-03-13: Release - [https://github.com/skavanagh/KeyBox/releases/tag/v2.82.00 KeyBox v2.82.00]
 
* 2015-03-03: Release - [https://github.com/skavanagh/KeyBox/releases/tag/v2.80.00 KeyBox v2.80.00]
 
* 2015-03-03: Release - [https://github.com/skavanagh/KeyBox/releases/tag/v2.80.00 KeyBox v2.80.00]
 
* 2015-02-25: Release - [https://github.com/skavanagh/KeyBox/releases/tag/v2.76.00 KeyBox v2.76.00]
 
* 2015-02-25: Release - [https://github.com/skavanagh/KeyBox/releases/tag/v2.76.00 KeyBox v2.76.00]

Revision as of 23:44, 13 March 2015

OWASP Project Header.jpg

OWASP KeyBox Project

KeyBox is a web-based SSH console that centrally manages administrative access to systems. It combines key management and administration through profiles assigned to defined users. KeyBox layers TLS/SSL on top of SSH and can act as a bastion host.

Description

KeyBox is a web-based SSH console that centrally manages administrative access to systems. KeyBox combines key management and administration through profiles assigned to defined users.

Administrators can login using two-factor authentication with FreeOTP or Google Authenticator . From there they can create and manage public SSH keys or connect to their assigned systems through a web-shell. Commands can be shared across shells to make patching easier and eliminate redundant command execution.

KeyBox layers TLS/SSL on top of SSH and acts as a bastion host for administration. Protocols are stacked (TLS/SSL + SSH) so infrastructure cannot be exposed through tunneling / port forwarding. More details can be found in the following whitepaper: The Security Implications of SSH. Also, SSH key management is enabled by default to prevent unmanaged public keys and enforce best practices.

Licensing

Apache 2.0

Download

Download now

Project Leader

Sean Kavanagh

Links

Classifications

Project Type Files TOOL.jpg
Incubator Project
Owasp-defenders-small.png
Apache 2.0

News and Events

  • I have a reverse-proxy that already terminates TLS/SSL, how do I disable TLS/SSL?
In the jetty directory edit the start.ini file and set
--module=https
to
--module=http
and change jetty.port=8443 to the needed port to be and restart. More information on jetty can be found - Jetty Documentation

Contributors

Sean Kavanagh

Special Thanks

JSch Java Secure Channel - by ymnk

terms.js A terminal written in javascript - by chjj

Road Map

Add ability to save session and command line information to a large data store so it can be audited and reviewed. Compute and flag irregularities that could point security issues or improper use. Deploy to embedded network devices to act as a proxy for SSH connections.

Getting Involved

Currently packaged along with a web-server and can be downloaded from github

https://github.com/skavanagh/KeyBox/releases


Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_KeyBox&oldid=191398"