Since Addigy LiveTerminal provides the highest level of console access to your Mac devices, we heavily prioritized the security of its design.
These are some of the security mechanisms put in place to ensure security integrity of Addigy LiveTerminal and its tunneled sessions:
- An encrypted public/private key pair is generated for each session that is removed at the expiration of the session.
- The session is validated using the client’s and agent’s Addigy credentials to verify that they are on authorized Addigy machines.
- A secondary public and private secret are passed to the server and agent to be verified upon establishing a connection.
- An AddigySSH user is hidden from all UI options and home directories so the user is essentially a ghost and will not disturb any other users on the agent. (home directory is located at /var/AddigySSH)
- A random 32 character UUID4 is generated as the password during the creation of the AddigySSH user ensuring no password is the same from device to device and will be extremely secure.
- The AddigySSH user is added as a sudoer in the /private/etc/sudoers.d/AddigySSH-perm file, which is pointed to from the /etc/sudoers file in order to ensure that the file is not modified in any way.