Content provided by Teleport. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Teleport or its podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://fr.player.fm/legal.
Protocol
Audio versions of Teleport's best technical blog posts. https://goteleport.com/blog/
11 episodes
All episodes
Preview: Identity-Native Infrastructure Access Management 37:50
Chapter 1 Preview. Preventing Breaches by Eliminating Secrets and Adopting Zero Trust Download PDF: https://goteleport.com/resources/books/indentity-native-infrastructure-access-management/ Traditional secret-based credentials can't scale to meet the complexity and size of cloud and on-premises infrastructure. Today's applications are spread across a diverse range of clouds and colocation facilities, as well as on-prem data centers. Each layer of this modern stack has its own attack vectors and protocols to consider. How can you secure access to diverse infrastructure components, from bare metal to ephemeral containers, consistently and simply? In this practical book, authors Ev Kontsevoy, Sakshyam Shah, and Peter Conrad break this topic down into manageable pieces. You'll discover how different parts of the approach fit together in a way that enables engineering teams to build more secure applications without slowing down productivity.…
Setting Up an SSH Bastion Host 10:18
What is an SSH bastion and how is this different from an SSH jump server or an SSH proxy? https://goteleport.com/blog/ssh-bastion-host/ In this post, we’ll answer this question and will show you how to set it up using two popular open source projects. OpenSSH is the older and better known SSH server. It comes pre-installed by default with the vast majority of Linux distributions and is the easier option to get started with. Teleport is a much newer SSH server; its first production-quality release came out in 2016. Teleport has been optimized for elastic multi-cloud environments and supports other access protocols in addition to SSH. Both Teleport and OpenSSH support bastions, and they are extremely similar as they are both single-binary Linux daemons. Both require a…
SSH Best Practices using Certificates, 2FA and Bastions 23:03
The industry best practices for SSH security include using certificates, two-factor authentication, and SSH bastion hosts. https://goteleport.com/blog/how-to-ssh-properly/ There's no denying that SSH is the de facto tool for *nix server administration. It's far from perfect, but it was designed with security in mind, and there's been a huge amount of tooling written over the years to make it easier to use. In addition, many popular products and just about every server deployment system integrate with SSH somehow. It is universally supported across pretty much all architectures and distributions, from Raspberry Pis all the way up to massive supercomputer clusters.…
The most common failures we’ve encountered with Kubernetes https://goteleport.com/blog/troubleshooting-kubernetes-networking/
Anatomy of a Cloud Infrastructure Attack via a Pull Request 11:50
Hacked via a Pull Request https://goteleport.com/blog/hack-via-pull-request/
How SAML 2.0 Authentication Works? 17:04
Security Assertion Markup Language (SAML) 2.0 is one of the most widely used open standards for authentication and authorization between multiple parties. https://goteleport.com/blog/how-saml-authentication-works/ At its core, Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication information between services. SAML is frequently used to implement internal corporate single sign-on (SSO) solutions where the user logs into a service that acts as the single source of identity, which then grants access to a subset of other internal services. The advantages of adopting SAML/SSO from a security perspective are clear. Single source of identity: when an employee joins or leaves a company, you don’t have to worry about the myriad of internal services that now have to be updated, and the ones that will inevitably be missed. Enforce consistent authentication: SAML/SSO can be used to enforce a consistent method of authentication across all internal corporate services, like multifactor authentication and session duration. This particular post will be focused on providing an overview of the how and why of SSO and SAML.…
In this blog post we’ll cover how to set up an SSH jump server. We’ll cover two open source projects. A traditional SSH jump server using OpenSSH. The advantage of this method is that your servers already have OpenSSH pre-installed. https://goteleport.com/blog/ssh-jump-server/ What is an SSH Jump Server? An SSH jump server is a regular Linux server, accessible from the Internet, which is used as a gateway to access other Linux machines on a private network using the SSH protocol. Sometimes an SSH jump server is also called a “jump host” or a “bastion host”. The purpose of an SSH jump server is to be the only gateway for access to your infrastructure, reducing the size of any potential attack surface. Having a dedicated SSH access point also makes it easier to have an aggregated audit log of all SSH connections. Why not call it an SSH proxy? Partly due to historical reasons. In the earlier days of SSH, users had to SSH into a jump host and from there, they had to type ssh again to “jump” to a destination host. Today, this is done automatically using the ProxyJump option.…
How OIDC Authentication Works 22:52
What is OIDC and how it works. Did you know that in the United States, the Social Security Number was never intended to become the de facto method for physical identification? On its surface, this may come as a shock given how ubiquitously SSNs are used for this exact reason, but looking beneath the surface, we find that SSNs are terrible forms of identification. Ignoring the security concerns of a nine-digit numeric code, an SSN is not for universal identification. Rather, it represents an impersonal abstraction of a person that is intended for a narrow use case. However, the convenience of a universally accepted method of identification was too great to pass up, and we now find ourselves stuck in a troublesome place: How do we let institutions authenticate our identities without relying on a unique identifier that can be easily compromised? While we do not yet have a universally secure authentication method for our physical identities, we have come to solve this problem in the digital world. In this article, we will explore this same conundrum for our online identities in the form of the authentication layer, OIDC, built on the authorization protocol, OAuth. After a brief introduction to the topic of authentication and authorization, we will compare two common authentication methods (OIDC and SAML), discuss how OIDC works in relation to OAuth, and run through a brief case study.…
Comparing SSH Keys - RSA, DSA, ECDSA, or EdDSA? 15:13
What’s worse than an unsafe private key? An unsafe public key. https://goteleport.com/blog/comparing-ssh-keys/
Yes! https://goteleport.com/blog/do-we-still-need-a-bastion/
All tunneling features supported by OpenSSH. In this post, I’ll cover the different tunneling features supported by OpenSSH, which help achieve security use cases such as remote web service access without exposing ports on the internet, accessing servers behind NAT, and exposing local ports to the internet. OpenSSH is the most widely used open-source SSH server. It comes pre-installed by default with the vast majority of Linux distributions. https://goteleport.com/blog/ssh-tunneling-explained/…