You are viewing the 2025 edition of FOSDEM. Click here to view the 2026 edition

Integrating Intel TDX remote attestation into SSH

Name: Integrating Intel TDX remote attestation into SSH
Start: 2025-02-01T10:00:00
End: 2025-02-01T10:00:00
Location: K.4.401

K.4.401 | Day 2 | 10:00 - 10:15 | Speakers: Fabian Wesemann

Copy link

Copy link

Stream opens at 10:00 (Europe/Brussels)

Get involved in the conversation!Join the chat

Notes

Abstract

In this talk, I will present a prototype integration of Intel TDX’s remote attestation feature into the SSH protocol.

By extending SSH, we ensure connections are only made to hosts within Trusted Domains. Since SSH is a widely used protocol for data transfer and network tunneling, many applications can benefit from this effort.

The focus will be on the design and principles of the challenge-response protocol, which has been prototyped using OpenSSH and the Microsoft Azure Attestation service.

Attachments

Slides (pdf)

Speakers

Fabian Wesemann

External Links

Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.