SSH key management and SSH certificate management are vital to system security, but what does SSH do, what is SSH key management, and how do you manage SSH keys? We’re breaking down the basics to help you get started with SSH keys and learn why managing them can help companies maintain network security.
Management of your SSH keys means maintaining controlled access to your resources and credentials by allowing differing levels of access and control, tracking which keys are compromised during attacks, and controlling the provisioning and deprovisioning of your keys through your IT department. Effectively managing your SSH keys ensures that no one has access to critical work products or root level access who does not need it for the position they are in. So what does SSH key management mean? It all boils down to keeping your system secure by knowing who has access to keys and ensuring keys that are no longer necessary are decommissioned.
SSH, also known as Secure Shell or Secure Socket Shell, has a variety of uses for network administrators in managing their data communication and systems. For network administrators, SSH is mainly used for communication between computers over unsecured, open networks on the internet. SSH allows network administrators to log in and exchange important data over open networks, as well as remotely manage and control applications, move files, and execute commands.
Here are a few more capabilities that answer, “What does SSH do?”:
SSH is a secure way to initiate remote computer access and enable terminal sessions. Although SSH can be used with passwords and IDs to log in to the network, it’s more common to use public key authentication because it provides greater security.
If you’re curious as to why SSH is used, the answer is pretty straightforward: SSH keys were designed to provide access to the SSH protocol, which allows for remote computer login while maintaining network security. SSH is used because it is very secure and therefore ideal for performing critical tasks, managing network infrastructure, and executing commands remotely.
Although passwords can be used to access the SSH portal in place of SSH keys, they are not recommended because they have a lower level of security and are easier to crack. SSH keys, on the other hand, use prime numbers in long strings that are much more secure and difficult for hackers to figure out.
As businesses grow and develop, the number of SSH keys they need increases—sometimes dramatically. This is because each person receives their own set of SSH keys for authentication. Provisioning multiple keys can become tricky to manage over time, and it is not uncommon for large Fortune 500 companies to have millions of SSH keys to manage. Now that you know why SSH is used, let’s move on to what SSh key management is and why it’s important.
The process of managing and securely administering cryptographic keys in a cryptosystem is commonly referred to as SSH key management. Companies require SSH key management to oversee the creation, generation, storage, exchange, protection, replacement, and crypto-shredding of SSH keys to maintain cryptosystem security. The answer to “What is SSH key management?” also includes recording who has access to keys, what context keys are used in, and where these keys are used.
SSH key management is a difficult task, but managing your SSH keys is vital for system and company security. Aside from the challenges and liabilities SSH keys present, there are other security issues to be aware of as well—mainly human error. Providing training on system policies and managing interdepartmental interactions can significantly help reduce the risk that SSH keys will be compromised because of human error or carelessness. While SSH keys sound perfectly secure on paper, the reality is that people are fallible and mistakes can be made that compromise system security.
Without a system for monitoring your SSH keys, SSH key management is significantly more difficult. This is where a key management system or KMS can assist management in protecting keys and metadata for your cryptosystem. While you can opt to manage your keys manually, it opens a host of concerns. This is because manually managing your SSH keys is time-consuming, prone to user errors, and makes it difficult to compile information during mandatory audits.
A key management system is designed to help you manage symmetric and asymmetric encryption keys throughout its lifecycle. A KMS provides you with automated distribution, automated key updates, support for business processes, and easy access to information—making audits and compliance easier. A KMS also helps with the main challenges of SSH key management, including reducing repetitive tasks for personnel, orchestrating key delivery between systems—reducing the issue of isolated systems—and setting clear key responsibilities to avoid confusion.
A good key management system can help businesses save time and money by streamlining the organization and management of SSH keys. Knowing the answer to “What is a key management system?” makes it significantly easier to decide whether a KMS can assist in managing your cryptosystem security and streamline your SSH key management approach.
SSH certificates require similar provisions, policies, and termination procedures as passwords and user accounts, such as being monitored and regularly changed to ensure network security. However, although they require similar provisions and appear similar to user accounts and passwords, they function as authentication credentials that help keep your system secure.
Used mostly by power users and sign-on admins, SSH certificates provide better security and convenience when they are correctly controlled and managed. SSH certificates are used to manage operating systems, configurations, networks, and are usually included in file transfer tools to increase system security and provide authentication details.
If you’re wondering, “Are SSH key more secure than passwords?” there are a few things to consider, as both SSH keys and passwords have pros and cons when it comes to their use. Here are some of the main pros and cons for passwords and SSH keys that can help you determine which system is more secure.
Although passwords have set expiration dates that help with security, SSH keys are considered much more secure because the cons present a significantly reduced risk. This makes them ideal for transferring sensitive or confidential data.
If you’re wondering how to manage SSH keys and use them effectively, we’re happy to get you started. SSH key management often involves connecting remote accounts without the use of a password for access. You can manage accounts by connecting shared accounts using asymmetric encryption for secure access. This is especially useful for accounts that you frequently need to access so you don’t need to constantly enter a username or password on the remote account.
SSH key management is incredibly important because they allow access to systems in much the same way as a username and password. These SSH keys are used to provide users with access to databases, firewalls, financial data, payment systems, patient information, intellectual property rights, and more. Because many large organizations have thousands, if not millions, of keys in use, a lack of control and oversight for users creating additional keys leaves dangerous backdoors open, violates corporate security, and can result in serious consequences. Managing your SSH keys and deprovisioning those that are no longer necessary can help prevent major security breaches.
Companies that use SSH keys on a large scale need to follow overarching SSH protocols to maintain security. Below are 6 important steps outlining how your company can use SSH keys:
Establish a Baseline
For SSH key management to be effective, organizations must understand where keys are deployed and used, who has access to them, and what trust relationships have been established within the network. Only once this information is readily available can any organization start to establish a baseline of key usage in the enterprise network. After establishing this baseline, organizations can reduce their risk profile simply by identifying and investigating any deviation from the baseline. They will then be able to easily detect any rogue keys that are inserted into the network.
After an organization has an accurate inventory of all keys used and deployed within the environment, it needs to establish and enforce a security policy. To strengthen the organization’s security posture, system administrators must look at the configuration of their SSH key and remove any vulnerable keys. Specifically, they should follow the NIST recommendation to replace keys with a length of 1024 bits or shorter with 2048-bit keys. Weak hashing algorithms, like MD5 that is considered obsolete, should be replaced by stronger algorithms.
Regular Rotation of Keys
Many organizations, having poor certificate and SSH key management processes, generate keys once and then use those keys for many years. Like passwords, SSH keys grant access to sensitive information and enhanced privileges. Keeping the same key for years is like setting a password and then never changing it. Traditional fixed password policies force users to change their passwords every 30, 60, or 90 days, depending on the account type. Organizations should enforce the same policies for SSH keys. Automated policies should rotate keys periodically to proactively prevent attacks if a key is lost or stolen. These measures will significantly reduce the organization’s threat surface.
A central policy should specify how SSH keys are generated and dictate valid key configuration attributes (such as key length, hash algorithm, and more). Above all, the organization needs a plan for enforcing this policy to comply with regulations, best practices, and NIST guidelines. Key generation should be centralized and controlled; users should be granted access rights for generating specific keys. Policies should also control which clients can access a host using an SSH key and the level of access granted to those clients. For example, policies can specify valid IP addresses or hostnames for clients. They should also dictate which commands can be executed on the host. Such policies will help increase the overall security posture of SSH.
After obtaining an accurate inventory of SSH keys and their usages and then taking control of the trust relationships, the organization must maintain that control. It must monitor the environment on an ongoing basis in order to detect changes that could lead to attacks and breaches. Organizations should track applications that leverage SSH for authentication, authorization, and communication to establish a baseline of SSH key usage and a map of valid trust relationships. System administrators can then easily and continuously detect and remediate any anomalous usage of SSH keys.
Securely Configured Systems
Servers only remain secure if the measures that control access to them comply with strong security policies. Therefore, public-private key authentication is recommended for all SSH servers. When the server permits password-based authentication, attackers can more easily gain unauthorized access to the system. On the other hand, private key authentication, or even certificate-based authentication, dramatically increases the expense for an attacker to gain access. In fact, as the examples earlier in this paper demonstrated, these measures make breaches nearly impossible—as long as the private key is properly protected from compromise.
Now that you know about SSH key management, why SSH certificate management is important for system security, as well as the answers to “What does SSH do?”, “What is SSH key management?”, and “How do you manage SSH keys?”, see how Venafi can help you and your business with SSH key management.
Finding the right management system is important for businesses looking to streamline SSH key management and improve their overall system security. Contact Venafi today to learn more about the products and solutions we offer to protect and secure your business.