Sorry I have never used it so I don't have an opinion. That looks like an oauth/... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

LinuxBender on Jan 13, 2022 | parent | context | favorite | on: SSH Bastion Host Best Practices

Sorry I have never used it so I don't have an opinion. That looks like an oauth/openid/saml ssh integration?

unixhero on Jan 14, 2022 [–]

Yes and I have met it once when at a huge Telco, while doing my bastion host in AWS a security architect installed this and used Keycloak as the policy engine to allow connections using SSH keys. It worked really well and also gave us a very strong granular control on who could connect, and a great audit trail.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact