Abstract
Information processing in the era of big data is inseparable from the effective support of scientific computing. Complex scientific computing requires cloud computing to provide computing resources. One of the core foundations of Cloud computing is secure and reliable remote access technology. Users often log in to the remote server for scientific calculation. However, when users log in with public key, the steps are cumbersome. Therefore, this project develops a secure shell remote access information system for virtualized computing environment, which is called SSHRA for short. The system enables users to log in to the remote server more conveniently. The system can generate the corresponding certificate according to the public key provided by the user. Users use certificates for remote login. Users can obtain certificates through web or email. In addition, this system also designs an intelligent connection between multi hop servers. The system improves the security of remote login by limiting the IP, validity and available commands of the certificate. After users log in to the remote server with the certificate provided by the system, they can use commands to perform related operations. The system is developed based on open source software, so it has good scalability.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gao, Y., Iqbal, S., et al.: Performance and power analysis of high-density multi-GPGPU architectures: a preliminary case study. In: IEEE 17th HPCC (2015)
Zhao, H., Chen, M., et al.: A novel pre-cache schema for high performance Android system. Futur. Gener. Comput. Syst. 56, 766–772 (2016)
Qiu, H., Qiu, M., Memmi, G., Ming, Z., Liu, M.: A dynamic scalable blockchain based communication architecture for IoT. In: Qiu, M. (ed.) SmartBlock 2018. LNCS, vol. 11373, pp. 159–166. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-05764-0_17
Thakur, K., Qiu, M., Gai, K., Ali, M.: An investigation on cyber security threats and security models. In: IEEE CSCloud (2015)
Gai, K., Qiu, M., Sun, X., Zhao, H.: Security and privacy issues: a survey on FinTech. In: Qiu, M. (ed.) SmartCom 2016. LNCS, vol. 10135, pp. 236–247. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52015-5_24
Gai, K., Qiu, M., Elnagdy, S.: A novel secure big data cyber incident analytics framework for cloud-based cybersecurity insurance. In: IEEE BigDataSecurity (2016)
Ylonen, T., Lonvick, C. (ed.): The Secure Shell (SSH) authentication protocol. RFC 4252 (2006). https://doi.org/10.17487/RFC4252
Wendlandt, D., Andersen, D., Perspectives, A.P.: Improving SSH-style host authentication with multi-path network probing. In: USENIX Annual Technical Conference (2008)
Hardt, D.: The OAuth 2.0 authorization framework. RFC 6749 (2012). https://doi.org/10.17487/RFC6749
Jones, M., Bradley, J., Sakimura, N.: JSON web token (JWT). RFC 7519 (2015). https://doi.org/10.17487/RFC7519
Proctor, W.C., Storm, P., Hanlon, M.R., Mendoza, N.: Securing HPC: development of a low cost, open source multi-factor authentication infrastructure. In: International Conference for High Performance Computing, Networking, Storage and Analysis, pp. 1–11 (2017)
Ylonen, T.: SSH Key management challenges and requirements. In: 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–5 (2019)
Zhang, Z., Wu, J., et al.: Jamming ACK attack to wireless networks and a mitigation approach. In: IEEE GLOBECOM, pp. 1–5 (2008)
Qiu, H., Qiu, M., Lu, Z.: Selective encryption on ECG data in body sensor network based on supervised machine learning. Inf. Fusion 55, 59–67 (2020)
Qiu, M., Gai, K., Xiong, Z.: Privacy-preserving wireless communications using bipartite matching in social big data. Futur. Gener. Comput. Syst. 87, 772–781 (2018)
Andrews, R., Hahn, D.A., Bardas, A.G.: Measuring the prevalence of the password authentication vulnerability in SSH. In: IEEE ICC, pp. 1–7 (2020)
Gao, Y.A., Basney, J., Withers, A.: SciTokens SSH: token-based authentication for remote login to scientific computing environments. In: Practice and Experience in Advanced Research Computing, pp. 465–468 (2020)
Welch, V., Siebenlist, F., Foster, I., Bresnahan, J., et al.: Security for grid services. In: 12th IEEE International Symposium on High Performance Distributed Computing, pp. 48–57 (2003)
Tuecke, S., Welch, V., Engert, D., Pearlman, L., Thompson, M.: Internet X.509 public key infrastructure (PKI) proxy certificate profile. RFC 3820 (2004)
Alt, J., Ananthakrishnan, R., Chard, K., et al.: OAuth SSH with globus auth. In: ACM Conference on Practice and Experience in Advanced Research Computing (PEARC 2020), NY, USA, p. 12 (2020). https://doi.org/10.1145/3311790.3396658
Bockelman, B., Weitzel, D.: Scitokens/scitokens-CPP (Version v0.3.0) (2019). https://doi.org/10.5281/zenodo.265667
Tuecke, S., et al.: Globus auth: a research identity and access management platform. In: 2016 IEEE 12th International Conference on e-Science, pp. 203–212 (2016). https://doi.org/10.1109/eScience.2016.7870901
Acknowledgement
This work was partially supported by the Beijing Natural Science Foundation-Haidian Original Innovation Joint Foundation (Grant No. L182053), the National Natural Science Foundation of China (Grant No. 61702476).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Li, H. et al. (2022). Secure Shell Remote Access for Virtualized Computing Environment. In: Qiu, M., Gai, K., Qiu, H. (eds) Smart Computing and Communication. SmartCom 2021. Lecture Notes in Computer Science, vol 13202. Springer, Cham. https://doi.org/10.1007/978-3-030-97774-0_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-97774-0_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-97773-3
Online ISBN: 978-3-030-97774-0
eBook Packages: Computer ScienceComputer Science (R0)