SSH the admins are sleeping…

Jeremy Stott

Have you ever wanted to know more about SSH authentication than you have ever wanted? Then this course is for you! We will learn all the wonderful secrets of secure shells together without waking the admins (I don’t know where I was going with this analogy, but it made a good title).

There is the humble password authentication method, public/private keys, hardware security keys, smart cards, agents, certificates, donuts, certificate authorities, TOTP, multiple authentication methods, FIDO2, sudo with certificates, and more (probably, maybe).

Often forgotten, and in my opinion one of the bigger challenges, is authorization. Sure you have a users public key, but how do you manage exactly which machines they can access and which they can’t?

If you are an administrator, you might learn practical ways to improve your SSH setup for your users.

If you are a user, you might learn practical ways to improve your SSH setup for your administrators ;)

Learnings

Learn about advanced SSH authentication methods, that are not really that scary and super cool.

Learn how to improve the security of their own SSH setups.

Get angry at apple for not compiling their bundled version of OpenSSH with hardware key support (shakes fist).

Attend the Training

Tickets are on Eventbrite.

About Jeremy

Jeremy gets excited about cloud providers announcing new features that fix their own security flaws, and likes to read payment processing standards for fun.

His background is in security, software engineering, and electronics with over 10 years of experience in misconfiguring cloud infrastructure, failing builds, runtime errors, and releasing blue smoke.

When his kids grow up, he will be able to pass on skills such as opening capacitive touch doors remotely, getting discounts at fuel pumps, and signing SSH certificates.