Better SSH management with ephemeral keys

Presented at BSidesSF 2017, Feb. 12, 2017, 2:50 p.m. (30 minutes).

SSH is a great, safe protocol that almost everyone uses for managing their servers and infrastructure. However, failures in SSH user management has lead to multiple news-worthy infrastructure compromises. This talk introduces the audience to Netflix's Bless and Lyft's Blessclient, which Lyft is open-sourcing. The combination of these tools has allowed Lyft to improve the security of our SSH accounts, as well as empowering engineers to manage their SSH keys themselves.


Presenters:

  • Chris Steipp
    Chris Steipp is a long-time security engineer with a background in development, penetration testing, and building secure software. He is passionate about open source and open culture, and formerly managed security for the Wikimedia Foundation. He likes breaking things in his spare time. And whiskey.
  • Vivian Ho
    Vivian Ho is a software engineer on the security team at Lyft. Fresh out of university, Vivian is interested in designing and building cool software to protect all the things. A fan of RPG games and molecular gastronomy.

Links:

Similar Presentations: