For internal IRIS accounts like Admin, _system, etc... could we incorporate so mechanism to use encryption keys for Authentication instead of using passwords.
We have written a couple of shell scripts that login via Terminal and execute EnableConfigItem to control stop/start via the cron scheduler on our systems.
Those shell scripts currently have the password hardcoded within them, and have been tasked by our Security Audit to limit access to those passwords.
So what better to use then an Encryption key, that just has to be regulated a couple of times a year instead of having to update the password in multiple scripts/ locations and no one can read the key to find out the password
Thank you for submitting the idea. The status has been changed to "Needs review".
Stay tuned!
Scott Roth , you have a comment on your idea. Please answer it to help your idea to be promoted.
Actually if you saying only using with scripts, it have to be done by using
SSH with keys + OS authentication in IRIS,
optionally set irissession as shell for the user
In this case, user will login to the server using the key and will sign in automatically with required access