Large computing environments can comprise a plurality of entities such as computer devices, user accounts and users. A network host is a computer or other device connected to a computer network. A network host may offer information resources, services, and applications to users or other nodes on the network. A host may be a physical computing device or a virtual computing device (a virtual machine) or a container such as a Linux™ container or equivalent within a physical computing device. Each host may comprise or be associated with one or more user accounts, processes, and/or files. Hosts, user accounts, and other entities in the environment may be associated with groups, e.g., user groups.
Various arrangements for accessing hosts in computing environment by users can be configured. Example of these include web-based access, security protocol (e.g. secure shell protocol; SSH) based access, file transfer access, remote procedure call access, and/or software upgrade access. Such access may be used by, e.g., end users, automation, and/or by system administrators.
Gaining access to a particular entity such as a hosts or a set of hosts can be provided based on authenticators, for example keys or certificates. Different access solutions may include different ways of handling the authenticators, e.g. be based on use of local files or directories and/or central files, e.g., Active Directories, LDAP (Lightweight Directory Access Protocol) directories, NIS (Network Information System) directories), databases and so on. Thus information about authenticators may be in different locations where is has been configured and/or stored differently. Overall awareness of authenticators that may available in the system, and their implications may not be complete and can be difficult to achieve. For example, there can be old keys such as authorized public keys, stored locally in hosts that should no longer be in use. This can be problematic from the point of view of management of accesses to hosts in a network system. This can be particularly so in large network systems and organizations.