Tatu
Revision as of 17:15, 5 March 2018 by Giuseppe.decandia (talk | contribs)
Overview
Named in honor of Tatu Ylönen, the inventor of SSH, Tatu is an OpenStack service that manages user and host certificates. Tatu can also start and manage bastion servers so that you don't have to (and you don't have to give every SSH server a public IPv4 address).
Tatu provides APIs, Horizon Dashboard Panels and OpenStack CLI that allow:
- Users to obtain SSH user-type certificates (per project) for their public key, with permissions corresponding to their roles in the project.
- OpenStack VM (or bare metal) instances to obtain a host SSH certificate for their public key, and to configure user accounts corresponding to Keystone roles.
More Information
- Slides (February 2018)
- Early demo video (without Keystone role integration)
- Single-feature demo video of integration with Uber's pam-ussh module.
Get Involved
Launchpad Projects | Tatu |
Code Repositories | Tatu TatuClient TatuDashboard |
Blueprints | Tatu Blueprints |
Code Review | Tatu TatuClient TatuDashboard |
Bug Tracking | Tatu |
IRC Channel | #openstack-tatu on freenode.net
|
Mailinglist | Drop emails to openstack-dev with tag [Tatu] in the subject.
|
Weekly Meetings | We have a regular slot in the Security SIG's weekly meeting starting March 8, 2018 (until we reach critical mass). |