SSH Key Management
Controlling the Secure Shell Environment
Full life-cycle control of your Secure Shell environment is an essential component of your Identity and Access Management framework.
Secure Shell keys provide access to some of the most critical information assets in the organization. Still, most organizations do not properly create, deploy, rotate, remove and monitor keys leading to major compliance and security problems.
A Compliance and Security Must Have
Not only is Secure Shell the preferred tool for remote administrative access, it is also widely utilized to secure machine-to-machine communications and business critical applications.
The current threat landscape and stringent compliance requirements demand that organizations are able to control who has access to what information in their Secure Shell environment.
SSH Key Management
SSH key management entails six must have components designed to keep your environment safe, secure and in compliance.
- Automated discovery of all trust-relationships. This includes all user keys that are authorized for login (“authorized keys”) and all private keys (“identity keys”). This must be done for all users on all servers and desktops.
- Policy enforcement for all key operations. By relocating all authorized keys to a root-owned location and changing SSH configuration accordingly, only the key manager (or root) can remove or install new authorized keys. Proper key management requires that you can detect unauthorized key operations occurring outside the key manager and generate alerts about policy violations.
- Automating key setups and removals. Eliminating manual work means eliminating human errors and reducing the number of administrators with access granting privileges. This greatly reduces the likelihood of either accidental or intentional harm caused by insiders. For greater efficiency, the key manager should be integrated with your user directories.
- Rotating keys regularly. Just like with passwords, key rotation is a best practice and also a compliance requirement. The longer a key remains in use, the more likely a lost or stolen copy can be used.
- Controlling key commands. Not only should you be able to control who has access to what, you should also be able to control what identities can do while operating inside your environment including where each key can be used from and what commands can be executed using the key.
- Continuous monitoring. Don’t guess; know. Proper key management requires that you can detect and alert on any non-approved key setups or removals. Ideally, you should be able to integrate this with your security intelligence architecture.