HIBA: Host Identity Based Authorization(github.com)
github.com
HIBA: Host Identity Based Authorization
https://github.com/google/hiba
18 comments
In many Slavic languages (and also in Hungarian) hiba/chiba/chyba means mistake :)
If people who speak Slavic languages can drive a car called Škoda, they can use a tool called HIBA.
In Romanian, probably through slavic origins, it means specifically 'the flaw'.
In Russian it means…
… it doesn’t mean anything.
… it doesn’t mean anything.
In Polish it means roughly “surely“, alternatively „I guess“.
...or "maybe".
In modern Polish. The meaning derives from the old Polish word meaning mistake too :)
It doesn’t derive anything. The word had a different meaning before XX century. Modern usage is to weaken the statement, the closest I can immediately think of is „possibly”. On chyba śpi = he possibly sleeps.
Or you could just implement Host Identity Protocol https://en.wikipedia.org/wiki/Host_Identity_Protocol
I don't see how HIP helps with authorization?
Seems like an open way to get what AWS SSM authnz provides.
This is definitely interesting. I'd be interested in a functional comparison with ssh using kerberos. Is the difference that each host can be totally independent? Does this project require a separate certificate management system? Perhaps you could use IPA or similar for your everyday machines, and HIBA for rarely accessed computers that you don't want in your domain.
[deleted]
[1]: https://engineering.fb.com/2016/09/12/security/scalable-and-...