I-D Action: draft-ylonen-sshkeybcp-00.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.


	Title           : Automated Access Using SSH Keys - Current Recommended Practice
	Author(s)       : Tatu Ylonen
                          Greg Kent
                          Mitchell Klein
	Filename        : draft-ylonen-sshkeybcp-00.txt
	Pages           : 60
	Date            : 2013-02-18

Abstract:
   This document presents current recommended practice for configuring,
   managing, auditing, and associated policies around automated access
   to information systems, with particular emphasis on SSH user keys as
   authentication and authorization tokens but also looking into other
   automated access mechanisms, such as Kerberos.

   Starting with a review of authentication methods that can be
   configured for automated access, the document describes the risks
   involved when the management of automated access and SSH keys is
   neglected.  It scopes the extent of the problem in particular
   organizations, provides a detailed roadmap for bringing automated
   access and SSH keys under control, and presents recommendations on
   continuous monitoring and ongoing management of automated access in
   information systems.

   Various remedial actions are presented and mapped to the problems
   they address and residual risks in the event the recommendations are
   not implemented.

   Guidance is also provided on how to organize management of automated
   access with the objective of reducing the system administration
   burden and organization operational cost, and on tools for automating
   the process.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ylonen-sshkeybcp

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ylonen-sshkeybcp-00


Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux