Details
-
New Feature
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
1.5.0
-
None
Description
While Apache Knox aids in helping to lessen the need to gain physical access
to deployment machines, there are still numerous compelling reasons for users
to require such access:
1. Debugging, log access, etc
2. CLI use and automation
3. beeline and other clients that are deployed to gateway machines
Gaining access to a shell for these purposes currently requires the user to have
an ssh client installed and valid credentials that can be used for ssh, such as:
username and password or SSH keys. Separate management of credentials for this
access introduces some additional complexities which may even violate enterprise
infosec policies and require the secure distribution and management of keys.
The intent of this proposed improvement is to add a browser based terminal application
that will provide secure access to a shell on the Knox machine. Just as any resource
exposed by or hosted by Knox, you would be able to protect access to this terminal
with any of the available security providers. We would also like to make this
available out of the box as available from the Knox Homepage. This would make the
terminal/shell available via KnoxSSO thus providing shell access with your existing
enterprise credential authenticated SSO session.
