PrivX uses short-term credentials to provide just-in-time access to servers.

Access is granted based on the user's role. Provisioned credentials
are created on demand, only valid for a short time, and never stored
to disk.

Improve security
Access to endpoints is provisioned using on-demand short-lived
certificates that are valid for only a few minutes and never written
to disk nor exposed to end-users. This completely eliminates the risk
of credential theft, removing the greatest security risk in privileged
access management.

Reduce costs
PrivX works using existing SSH clients and servers, so there is no
need to add or replace components of the SSH infrastructure. The lack
of dependence on external components translates to minimal disruptions
to network infrastructure, and reduced maintenance costs.

Using short-lifetime access certificates provided by PrivX eliminates
the need for certificate revocation or key rotation.
https://help.ssh.com/support/solutions/articles/36000036925-privx-administrator-manual#idp4

Comments

Popular posts from this blog

How to delete / clear queue of PowerMTA