What are the security aspects associated with the ‘Mac Live Terminal’ feature?
The Live Terminal feature in Hexnode delivers the highest level of console access to your macOS devices. You can remotely access the devices’ command-line interface (Terminal) and execute system-level commands by establishing an SSH session.
So, the Live Terminal feature, at its core, is designed to ensure security during each session. Here’s the list of some security mechanisms that Hexnode puts in place to ensure a secure SSH session:
- For each session, Hexnode generates an encrypted public/private key pair that will be automatically removed as the session expires.
- The SSH user (responsible for establishing an SSH session) is hidden from all home directories and UI options so that the user cannot interfere with any other users on the devices.
- The SSH session is validated to verify that both the client and the agent are on authorized machines.
- A random password is generated during the creation of the SSH user to secure devices and ensure that no password is the same for multiple devices.
- The SSH user is added as a sudoer in the /etc/sudoers file to prevent any sort of file modification.