Skip to Main Content
InterSystems Ideas
We love hearing from our users. Tell us what you want to see next and upvote ideas from the community.
* Bugs and troubleshooting should as usual go through InterSystems support.
Status Needs review
Categories InterSystems IRIS
Created by Scott Roth
Created on Oct 6, 2023

Using OpenSSH Key for Authentication in IRIS on System based accounts

For internal IRIS accounts like Admin, _system, etc... could we incorporate so mechanism to use encryption keys for Authentication instead of using passwords.

We have written a couple of shell scripts that login via Terminal and execute EnableConfigItem to control stop/start via the cron scheduler on our systems.

Those shell scripts currently have the password hardcoded within them, and have been tasked by our Security Audit to limit access to those passwords.

So what better to use then an Encryption key, that just has to be regulated a couple of times a year instead of having to update the password in multiple scripts/ locations and no one can read the key to find out the password

  • ADMIN RESPONSE
    May 15, 2024

    Thank you for submitting the idea. The status has been changed to "Needs review".

    Stay tuned!

  • Admin
    Vadim Aniskin
    Reply
    |
    Jan 22, 2024

    Scott Roth , you have a comment on your idea. Please answer it to help your idea to be promoted.

  • Dmitry Maslennikov
    Reply
    |
    Nov 17, 2023

    Actually if you saying only using with scripts, it have to be done by using

    SSH with keys + OS authentication in IRIS,

    optionally set irissession as shell for the user

    In this case, user will login to the server using the key and will sign in automatically with required access

    2 replies