SaltNHash commented on Show HN: KeyleSSH – SSH auth where the private key never exists   tide.org/blog/keylessh... · Posted by u/SaltNHash
SaltNHash · 2 months ago
Tide team here. Our dev Sasha built this PoC in a few weekends, using our SDK. Her core idea: remove the risk of compromised keys, and the overhead of managing them at scale, by never having a key to steal. Instead, the SSH signing operation is distributed across nodes using novel MPC-based threshold EdDSA – the key literally never exists in whole, not even momentarily in a TEE.

KeyleSSH is:
- Browser-based SSH console
- Auth via OIDC, signing via distributed novel MPC-based threshold EdDSA
- Approx. 30 lines of core signing logic (the SDK does the heavy lifting)

It isn't (yet):
- Production-ready. It's a PoC.
- Fully decentralized. The nodes currently run on our testnet – we're working toward a proper decentralized mainnet. If you run infrastructure and are curious about operating nodes, happy to chat.
- A silver bullet. Browser-based means endpoint compromise is still a threat vector.

Live demo: demo.keylessh.com
Source: github.com/sashyo/keylessh

AMA about the protocol, the SDK, or the threat model.
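To make the "key never exists in whole" claim concrete, here is an added example of the threshold-EdDSA structure the post describes. It is not Tide's SDK or KeyleSSH code and does not follow their protocol; every function name is an assumption. It runs a toy distributed key generation in which each of n nodes ends up with a Shamir share of an Ed25519 signing scalar (the full scalar is never assembled by anyone), then lets any t of them produce a signature that a plain Ed25519 verifier accepts. It is the textbook threshold Schnorr construction: it omits the nonce commitments and verifiable share commitments a production protocol such as FROST needs to resist a misbehaving co-signer, and it has no OIDC, SSH transport or node authentication.

```python
import hashlib
import secrets

# Ed25519 parameters from RFC 8032: field prime, group order, curve constant d.
p = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493
d = (-121665 * pow(121666, -1, p)) % p
_Bx = 15112221349535400772501151409588531511454012693041857206046113283949847762202
_By = 46316835694926478169428394003475163141307993866256225615783033603165251855960
BASE = (_Bx, _By, 1, _Bx * _By % p)  # extended coordinates (X, Y, Z, T)
NEUTRAL = (0, 1, 1, 0)

def point_add(P, Q):
    # Complete addition law in extended coordinates; also used for doubling.
    a = (P[1] - P[0]) * (Q[1] - Q[0]) % p
    b = (P[1] + P[0]) * (Q[1] + Q[0]) % p
    c = 2 * P[3] * Q[3] * d % p
    e = 2 * P[2] * Q[2] % p
    E, F, G, H = b - a, e - c, e + c, b + a
    return (E * F % p, G * H % p, F * G % p, E * H % p)

def point_mul(s, P):
    Q = NEUTRAL
    while s:
        if s & 1:
            Q = point_add(Q, P)
        P = point_add(P, P)
        s >>= 1
    return Q

def encode_point(P):
    zi = pow(P[2], -1, p)
    x, y = P[0] * zi % p, P[1] * zi % p
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def decode_point(b):
    y = int.from_bytes(b, "little")
    sign, y = y >> 255, y & ((1 << 255) - 1)
    x2 = (y * y - 1) * pow(d * y * y + 1, -1, p) % p
    x = pow(x2, (p + 3) // 8, p)
    if (x * x - x2) % p:
        x = x * pow(2, (p - 1) // 4, p) % p
    if (x * x - x2) % p:
        raise ValueError("not a curve point")
    if (x & 1) != sign:
        x = p - x
    return (x, y, 1, x * y % p)

def challenge(R_bytes, A_bytes, msg):
    # Ed25519's k = SHA-512(R || A || M) mod L.
    return int.from_bytes(hashlib.sha512(R_bytes + A_bytes + msg).digest(), "little") % L

def eval_poly(coeffs, x):
    return sum(c * pow(x, i, L) for i, c in enumerate(coeffs)) % L

def lagrange_at_zero(i, quorum):
    # Weight that lets share i contribute to f(0) when `quorum` reconstructs.
    num = den = 1
    for j in quorum:
        if j != i:
            num, den = num * j % L, den * (j - i) % L
    return num * pow(den, -1, L) % L

def dkg(n, t):
    """Toy distributed key generation (assumed design): node i picks a random
    degree-(t-1) polynomial f_i, sends f_i(j) to node j and publishes f_i(0)*B.
    The joint secret sum(f_i(0)) is never assembled; only the public key A is."""
    polys = [[secrets.randbelow(L) for _ in range(t)] for _ in range(n)]
    shares = {j: sum(eval_poly(f, j) for f in polys) % L for j in range(1, n + 1)}
    A = NEUTRAL
    for f in polys:
        A = point_add(A, point_mul(f[0], BASE))
    return shares, encode_point(A)

def threshold_sign(shares, quorum, A_bytes, msg):
    """Round 1: each node in `quorum` picks a nonce share r_i and publishes R_i.
    Round 2: each returns S_i = r_i + k*lambda_i*share_i; the aggregator adds
    them up. No node ever holds the full signing scalar or the full nonce."""
    nonces = {i: secrets.randbelow(L) for i in quorum}
    R = NEUTRAL
    for i in quorum:
        R = point_add(R, point_mul(nonces[i], BASE))
    R_bytes = encode_point(R)
    k = challenge(R_bytes, A_bytes, msg)
    S = sum(nonces[i] + k * lagrange_at_zero(i, quorum) * shares[i] for i in quorum) % L
    return R_bytes + S.to_bytes(32, "little")

def verify(A_bytes, msg, sig):
    # Plain Ed25519 verification, [S]B == R + [k]A: no threshold awareness needed.
    R_bytes, S = sig[:32], int.from_bytes(sig[32:], "little")
    if S >= L:
        return False
    k = challenge(R_bytes, A_bytes, msg)
    lhs = point_mul(S, BASE)
    rhs = point_add(decode_point(R_bytes), point_mul(k, decode_point(A_bytes)))
    return encode_point(lhs) == encode_point(rhs)
```

Usage: `shares, A = dkg(5, 3)` gives five node shares and one public key; `threshold_sign(shares, [1, 3, 5], A, msg)` yields a 64-byte signature that `verify(A, msg, sig)` accepts, while a two-node quorum produces a signature that fails verification. The point a defender should take from it is that the SSH server side needs nothing new: it sees an ordinary Ed25519 public key and signature, so the security gain lives entirely in the fact that no single node, browser or dealer ever stores the scalar the signature proves knowledge of.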

SaltNHash commented on Show HN: Open-source "God mode killer" IGA in Keycloak   github.com/tide-foundatio... · Posted by u/SaltNHash
josephcsible · 8 months ago
Does this make it impossible to have a "break glass" account?
SaltNHash · 8 months ago
Yes, it does. It replaces it with a break-glass, quorum-approved process.
SaltNHash commented on Show HN: Open-source "God mode killer" IGA in Keycloak   github.com/tide-foundatio... · Posted by u/SaltNHash
SaltNHash · 8 months ago
Hi HN,

Keycloak is a popular open‑source Identity & Access Management (IAM) server, but like most IAMs it lets any admin make instant, irreversible changes. In regulated or high-security setups that "god mode" is a nightmare.

We built Keycloak-IGA, a fork that bakes a lightweight approval workflow into the server, which must be cleared before high-stakes changes can go live:

Features include:
- Draft → Pending → Approved states for user, role, client & realm changes
- Quorum engine (default "70%" of admins)
- Four-eyes control enforced by code
- Zero overhead unless you switch it on
- Emits audit events aligned with PCI-DSS, SOX, ISO 27001, HIPAA, NIST 800-53

Try it in a few mins:
git clone https://github.com/tide-foundation/keycloak-IGA
cd keycloak-IGA
docker compose up   # spins a demo realm with IGA extensions pre-wired

Walkthrough video (4 min): https://www.youtube.com/watch?v=BrTBgFM7Lq0

Looking for feedback on:
- Does the built-in model beat the usual "proxy + ticket + webhook" approach?
- Is 70% quorum sane? Would you prefer fixed reviewers, AD groups, etc.?
- What's missing before you'd trust this in prod?

Background & design notes: https://github.com/keycloak/keycloak/discussions/41350

MIT licensed, so fork away, and tell us what you think.

Thanks!
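As an added example (not code from Keycloak-IGA or Keycloak), the Draft → Pending → Approved flow with a percentage quorum and a code-enforced four-eyes rule reduces to a small state machine. Class and method names are hypothetical, the `audit` list stands in for the server's event stream, and the 70% default is the one the post names.

```python
from dataclasses import dataclass, field

@dataclass
class ChangeRequest:
    change_id: str
    requester: str
    description: str
    state: str = "DRAFT"                    # DRAFT -> PENDING -> APPROVED | REJECTED
    approvals: set = field(default_factory=set)

class ApprovalEngine:
    """Hypothetical quorum engine: a change goes live only after enough admins,
    none of them the requester, have approved it (four-eyes by construction)."""

    def __init__(self, admins, quorum_percent=70):  # 70% is the post's default
        self.admins = set(admins)
        self.quorum_percent = quorum_percent
        self.audit = []  # stand-in for the server's audit-event stream

    def required_approvals(self):
        # ceil(n * percent / 100) in integer arithmetic, never below one approver
        return max(1, -(-(len(self.admins) * self.quorum_percent) // 100))

    def _emit(self, event, change, actor):
        self.audit.append({"event": event, "change_id": change.change_id,
                           "actor": actor, "state": change.state})

    def submit(self, change, actor):
        if actor != change.requester or change.state != "DRAFT":
            raise PermissionError("only the requester may submit their own draft")
        change.state = "PENDING"
        self._emit("submitted", change, actor)
        return change.state

    def can_approve(self, change, actor):
        return (actor in self.admins and change.state == "PENDING"
                and actor != change.requester)       # four-eyes rule

    def approve(self, change, actor):
        if not self.can_approve(change, actor):
            raise PermissionError(f"{actor} may not approve {change.change_id}")
        change.approvals.add(actor)
        self._emit("approved", change, actor)
        if len(change.approvals) >= self.required_approvals():
            change.state = "APPROVED"
            self._emit("quorum_reached", change, actor)
        return change.state

    def reject(self, change, actor):
        if actor not in self.admins or change.state != "PENDING":
            raise PermissionError("rejection needs an admin and a pending change")
        change.state = "REJECTED"
        self._emit("rejected", change, actor)
        return change.state

    def apply(self, change, actor):
        # The only code path that makes a change live; there is no bypass.
        if change.state != "APPROVED":
            raise PermissionError(f"{change.change_id} is {change.state}, not APPROVED")
        self._emit("applied", change, actor)
        return True
```

With five admins the quorum is four approvals, so a requester needs four colleagues; with a single admin the quorum is one but the requester can never be that one, which is exactly the "no god mode" property: a lone administrator cannot push a high-stakes change through on their own. The integer ceiling avoids the floating-point rounding surprises that `ceil(n * 0.7)` can produce for some `n`.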


u/SaltNHash

Karma: 54 · Cake day: June 13, 2019
About
Co-founder, deep tech cyber startup Tide Foundation