SSH Host Key - What, Why, How
A host key is a cryptographic key used for authenticating computers in the SSH protocol.
ContentsHost Keys Should Be Unique Host Keys in OpenSSH Known Host Keys Management of Host Keys Host Certificates User Keys Tools for SSH Host Key Management
Host Keys Should Be Unique
Each host (i.e., computer) should have a unique host key. Sharing host keys is strongly not recommended, and can result in vulnerability to man-in-the-middle attacks. However, in computing clusters sharing hosts keys may sometimes be acceptable and practical.
Host Keys in OpenSSH
In OpenSSH, host keys are usually stored in the
/etc/ssh directory, in files starting with
ssh_host_<rsa/dsa/ecdsa/ed25519>_key (the location can be changed in server configuration files).
Host keys are normally generated automatically when OpenSSH is first installed or when the computer is first booted. The ssh-keygen program can be used for generating additional host keys or for replacing existing keys.
Known Host Keys
SSH clients store host keys for hosts they have ever connected to. These stored host keys are called known host keys, and the collection is often called known hosts. In OpenSSH, the collection of known host keys is stored in
/etc/ssh/known_hosts and in
.ssh/known_hosts in each user's home directory.
Management of Host Keys
Host keys are cryptographic keys. The private keys should only be accessible to root. However, system administrators having root access to a server can obtain the server's private host key. Likewise, if an attacker gains root access to the server, he can obtain a copy of the private host key.
Once the attacker has a copy of the private host key, he can perform man-in-the-middle attacks on the network to obtain user passwords and to inject new commands in other administrative sessions.
It is important to regularly change host keys. It is a complicated process and has to be done with due diligence.
Some SSH implementations support using certificates for authenticating hosts.
Tectia SSH supports standards-compliant X.509 certificates for host authentication. This allows the host certificates to be generated and managed using normal certificate management tools in an enterprise.
The free open source OpenSSH only supports its own proprietary certificate format. Using them requires developing and maintaining internal tools for host certificates.
Using host certificates instead of traditional host keys is generally strongly recommended. We have customers using X.509-compliant host certificates with Tectia SSH on over 40,000 hosts in a single enterprise.
Security architects and administrators should also be aware of the uniquitous use of SSH keys for user authentication. They are access credentials that should be taken into account in identity and access.
It turns out that many organizations have 10 times as many SSH keys as they have traditional user names and passwords granting access to their servers. Organizations that use SSH should assess their risks and based on the results, start planning for deploying SSH key management as an urgent endeavor. Due to their high numbers, the risk involved, and potentially very costly compliance ramifications, addressing SSH keys is one of the top-five critical security problems in enterprises today.
Tools for SSH Host Key Management
Host key management should be seen as part of broader SSH key management.
The Universal SSH Key Manager is the tool with the largest number of large deployments.