Over 25 years ago at a Finnish university, Tatu Ylönen created the Secure Shell (SSH) protocol after having fallen victim to a campus-wide network breach. Shortly after, he founded SSH — a company named after what is arguably the most revolutionary and widely-implemented cybersecurity tool in the world. 95% of the internet is currently powered by our SSH protocol.
But the cybersecurity landscape is evolving. While traditional privileged access management (PAM) solutions might handle vaulting passwords, they are failing to support the management of other credentials like SSH keys in enterprise environments, where thousands of keys may exist at any given time.
They also might not be securing passwords in the most efficient way.
In this article, we’ll explore the benefits of centralizing password and encryption key management into a single solution and explore how to do it in the most efficient and secure way possible.
What’s the Difference Between Passwords and SSH Keys?
Although functionally different, passwords and SSH Keys are both critical credentials.
Both passwords and SSH keys are types of access credentials that are leveraged to remotely connect an individual to a private database, network, or interface — but they achieve this in different ways.
Despite the differences in the way passwords and SSH keys function — and without going into technical details — one thing is clear; both must be safeguarded and properly managed to prevent breaches that could cost your enterprise its reputation and potentially thousands or even millions of dollars.
If you recognize the importance of protecting your passwords, then you must also recognize the importance of securing your SSH keys. Both should be managed with the same diligence, logic, and — for comprehensive protection — the same user interface.
The Problem With Traditional PAM Solutions
According to Verizon’s 2021 Data Breach Investigations Report, 85% of breaches were caused by human error, with 60% of breaches targeting credentials. To combat this, many organizations and individuals employ traditional PAM solutions.
PAM tools help enterprises provide secure privileged access to critical assets and meet compliance requirements by monitoring and managing privileged accounts and access. They also vault and rotate privileged passwords to ensure they are used responsibly.
But what about SSH keys?
The truth of the matter is that many companies fail to realize the necessity for managing SSH keys. Although the hacking and theft of hidden private keys are rare, human error could lead to undetected leaks and vulnerabilities that could be exploited by cybercriminals.
Also, even more so than passwords in general, SSH keys grant typically access to something especially valuable, such as:
- Credit card and medical data
- Tax records and Intellectual Property Rights (IPR)
- CI/CD pipeline and provisioning tools (Ansible, Chef, Puppet, Bladelogic)
- Cloud servers and containers or firewalls and network devices
For the individual, traditional privileged access management solutions are likely to offer sufficient protection — but for the average enterprise, these solutions can be a liability.
Universally Shared Credentials Risk Exposure
In enterprise environments, credentials often need to be shared between colleagues, and even with external organizations. In many cases, employees leverage the same username and password for multiple company accounts, heightening the risk that they will be accidentally leaked or stolen.
Even the most meticulous and attentive employee can slip up. In a study conducted by Tessian, Professor Jeff Hancock of Stanford University identifies the three main factors contributing to human errors that compromise an enterprise's security posture:
- Convincing phishing emails
- Stress and weariness
- Lack of cybersecurity knowledge
What’s more, 85% of IT professionals share account credentials. Sharing credentials and unidentified direct access to critical data is a dangerous combination.
When passwords and credentials are in circulation between employees or companies, each of the factors above is significantly more likely to result in a breach.
Traditional PAM Solutions Can’t Comprehensively Manage SSH Key Inventories
Some enterprises may be under the impression that their SSH keys are in good hands with their PAM solutions. In reality, only 20% of SSH keys are vaulted. This misapprehension means that many companies have failed to invest in a reliable and comprehensive approach to managing their SSH keys.
As a result, most enterprises aren’t aware of how their SSH keys are being used, what they’re being used for, their location, who uses them, or how they’re being shared.
While traditional PAM systems are capable of managing SSH keys, they fail to do so comprehensively. In corporations, SSH keys outnumber passwords 10 to 1, and up to 80% of these go undetected by traditional solutions.
Why is this the case?
As mentioned earlier, SSH keys function differently, so discovering and managing them at enterprise level requires different types of technologies and expertise than the management of passwords. An apt example of this is machine-to-machine connections, which often run with SSH keys but are not onboarded to PAMs. This means that they can be difficult to identify by traditional PAM, particularly as many keys will inevitably be hidden in repositories or behind other servers.
There are many different types of SSH keys — ranging from open source to proprietary implementations — some of which standard PAM solutions simply aren’t designed to identify.
The Importance of Protecting Your SSH Keys
Since SSH keys consist of corresponding pairs of private and public keys, a stolen key being used for malicious purposes can easily go undetected. This is because if the key itself is legitimate, your existing security controls may well perceive the access itself as legitimate.
This means that if a hacker were to acquire a legitimate key, providing powerful access, your current security solution may not even detect the hack.
The reality that traditional security controls can be oblivious to SSH key compromise makes it all the more critical that SSH keys are kept secure. And, arguably, even more important than securing passwords.
Why Are So Many Companies Failing to Address SSH Keys?
Although SSH keys are known to be highly secure channels for providing access to private servers and networks, they are not being treated as such.
It could be argued that the characteristics of SSH keys may be contributing to the common misconception that they are less vulnerable to cyberattacks.
SSH Keys Are Complex But Not Invulnerable
A “strong” password is generally considered to be one of a reasonable length that combines upper and lowercase letters, special characters, and numbers. In comparison, SSH keys consist of lengthy strings of specialized coding.
The complexity of SSH keys contributes to the misconception that SSH keys are significantly less vulnerable to hacking attempts. However, because SSH keys are widely mismanaged, misplaced, and misused, they are highly susceptible to cyberattacks.
SSH Keys Aren’t Recognized as Access Credentials
SSH keys, and their purpose, are also widely misunderstood. There are many different types of keys — such as host keys, identity keys, authorization keys, and session keys — each of which serve a unique purpose and provide varying levels of access.
Despite this, many individuals do not recognize SSH keys as access credentials and, as such, do not fully understand the level of security required to protect them.
Educating employees on the degree of power that each key holds is vital to ensuring that they are being handled with the appropriate care and caution.
Murky or Non-Existent Management Accountability
Companies that lack a comprehensive and reliable form of SSH key management may also lack a direct source of accountability. In this case, thousands upon thousands of keys are being produced, used, and abandoned in favor of newer keys, without a clear sense of who is overseeing them.
Third-party IT companies may complicate accountability measures further. In the event of a breach, unclear accountability and a lack of reporting processes may render identifying the root cause of the breach impossible. Centralizing the management of keys and passwords into one solution allows for greater visibility, accountability, and control over your company’s security posture.
The Sheer Number of Keys to Manage Might Seem Like an Insurmountable Problem
Since SSH keys accumulate over the years, because they never expire, their numbers often grow beyond an enterprise’s management capabilities. When discovering the size of their key estate, we often find that our customers are faced with the issue of managing hundreds of thousands of encryption keys dispersed across their IT landscape.
Enterprises simply don’t have the required tools or expertise to take control of this problem in any sensible or affordable manner.
“What if I break something critical?”
Not knowing all the complicated interconnections between servers and clients leads to another problem. Even if you identify a policy-violating key, how can you be sure you aren’t disrupting a critical transaction?
SSH keys not only provide one-to-one connections but also one-to-many. This means that one single encryption key could be a critical part of even hundreds of automated file transmissions in a bank.
Choose Our Universal SSH Key Manager® for Zero Trust key management
With our UKM Zero Trust (UKM), you can centralize all of your critical access credentials in one location for easy surveillance and maintenance. For added security assurance, UKM Zero Trust also identifies all SSH keys — even those that would ordinarily slip through the cracks with traditional enterprise key solutions.
UKM Zero Trust fortifies your security infrastructure by:
- Running an initial SSH key risk assessment to determine the flaws in your company’s existing security
- Generating an extensive and complete inventory of available and vulnerable keys
- Removing dormant or policy-violating keys while renewing outdated ones
- Alarming users of suspicious changes to SSH configurations
- Automating policy compliance, key provisioning, and key rotation
- Auditing, tracking, and logging both interactive and M2M connections
But there’s even more to the story. With UKM Zero Trust, you can radically reduce the management overhead of thousands of keys and instead take a huge evolutionary leap in key management — keyless SSH access.
This simply means that you still use the same SSH protocol as before, but without leaving any permanent keys behind to manage. You can onboard existing keys to our solution, meaning that the number of keys to manage will diminish quickly — with significant operational and time savings.
Also, each session is verified “just-in-time” at the time of making the connection, without anyone having permanent authorization or credentials to systems. This is what makes the solution Zero Trust proof.
Taking Your Cybersecurity Solution One Step Further — Keys and passwords Managed as One
What we can do with keys, we can do with privileged passwords. With our SSH Zero Trust Solution, you onboard all your critical access credentials — be they passwords of SSH keys — into one solution, and manage them in the same consistent fashion.
What’s more, you shift from managing them and start migrating to a keyless and passwordless authentication system — one that eliminates the need to manage, vault or rotate anything. With our hybrid model, you still manage and vault the credentials you need to, but simultaneously start your journey towards a keyless and passwordless future at your own pace.
Learn how you can future-proof your password and SSH key management system with our SSH Zero Trust solution.
Currently employed by SSH.COM as Product Marketing Manager, Jani is a mixed-marketing artist with a strong background in operator and cybersecurity businesses. His career path of translator->-tech writer -> marketer allows him to draw inspiration from different sources and gives him a unique perspective on all types...