SSH Tectia

Host Key Distribution

Server Authentication Principles

SSH Tectia uses cryptographic authentication for server hosts. Each server has a cryptographic key pair (a public key and a private key) that identifies the server. Whenever a Secure Shell client connects to a Secure Shell server, the server authenticates itself to the client cryptographically. This ensures that encryption and integrity protection are provided end-to-end between the client and the intended server, and eliminates the possibility of certain cryptographic attacks, especially man-in-the-middle attacks.

In order for the cryptographic authentication to work, the client must know the server's public key so that it can securely authenticate the server. The public key of the server must be distributed to each client. The private key of the server is never sent anywhere outside the server computer, but is used by the server to create a digital signature that can then be verified by the client using the public key.

SSH Tectia Manager automates the distribution and maintenance of the server public keys (also called host keys). SSH Tectia Manager makes the management of these keys completely transparent. Whenever a new server is added under management, its host key is automatically distributed to each server and client, and added to their known-hosts database. Likewise, whenever a new client or server joins the management system, it automatically receives the public keys of all other servers in the managed environment. If the host key of a server is changed, the new key is automatically distributed to all other hosts, replacing any old key for that server.

Benefits and Features of Automated Host Key Distribution

The automation of host key management solves a number of practical problems that system administrators have had in the past with various Secure Shell products.

In practice, most users do not understand prompts asking whether to accept a new or changed host key for a server, and will either call IT support or accept the new key without verifying it. This makes the system vulnerable to man-in-the-middle attacks and causes high maintenance costs due to increased support load. These problems can be avoided with automated host key distribution, which eliminates user confusion and the security risks of users arbitrarily accepting new host keys. This provides several benefits:

  • It is now possible to enable "strict host key checking", ensuring that the server connection is not allowed if the host key has changed or is not known.

  • Corporate security policy may require that all cryptographic keys be changed regularly (for example, every six months). SSH Tectia Manager now makes this practical as the key change is transparent to the user, and requires no user actions.

  • The host key can now be verified for every connection, including the first connection from a client to a server. This eliminates the possibility of man-in-the-middle attacks during the first connection.

The Management Server will queue any host key updates for hosts that are not connected to the management system when the update is performed. It will perform the update next time the host comes back online. This is important for two reasons:

  • Laptops are frequently out of the office.

  • In large environments, tens or even hundreds of machines are unreachable because of various reasons at any given time. For example, machines can break down, suffer disk crashes, be replaced because of old age, have their operating system reinstalled, or otherwise lose all previous data.

These issues have caused problems with script-based host key distribution methods in the past, resulting in considerable amounts of manual repair work, downtime, and costs. SSH Tectia Manager handles these situations automatically.
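The following is an added example, not code from SSH Tectia or its documentation: a simplified model of the behaviour described above, in which a central manager pushes every server's host key to every managed host (replacing old keys on rotation), queues updates for hosts that are offline, and clients apply strict host key checking so that an unknown or changed key refuses the connection. Class and method names are constructed for this example.

```python
# Model of centrally managed host key distribution with strict host key
# checking on the client side. Constructed for illustration; it models the
# behaviour described in the text, not SSH Tectia Manager's own code.

KNOWN, UNKNOWN, CHANGED = "known", "unknown", "changed"


class KnownHosts:
    """A client's known-hosts database: server name -> host public key blob."""

    def __init__(self):
        self.keys = {}

    def check(self, server, presented):
        """Classify the key a server presents during connection setup."""
        stored = self.keys.get(server)
        if stored is None:
            return UNKNOWN
        return KNOWN if stored == presented else CHANGED

    def allow(self, server, presented):
        """Strict host key checking: connect only if the key is known and unchanged."""
        return self.check(server, presented) == KNOWN


class Manager:
    """Distributes every server's host key to every managed host. Updates for
    offline hosts are queued and applied when the host reconnects."""

    def __init__(self):
        self.hosts = {}     # host name -> KnownHosts
        self.online = set()
        self.pending = {}   # host name -> list of (server, key) updates

    def add_host(self, name, online=True):
        self.hosts[name] = KnownHosts()
        self.pending[name] = []
        if online:
            self.online.add(name)

    def publish_key(self, server, key):
        """A new or changed host key replaces any old key on every host."""
        for name in self.hosts:
            if name in self.online:
                self.hosts[name].keys[server] = key
            else:
                self.pending[name].append((server, key))

    def set_online(self, name, online):
        """On reconnect, apply queued updates in order (the latest key wins)."""
        if online:
            self.online.add(name)
            for server, key in self.pending[name]:
                self.hosts[name].keys[server] = key
            self.pending[name] = []
        else:
            self.online.discard(name)
```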

Scalability Issues Involving Host Keys

In very large environments (over a few thousand hosts), the distribution of server public keys starts to become cumbersome even with SSH Tectia Manager. Each host key consumes about a kilobyte of disk space, so one thousand host keys will consume about a megabyte of disk space on each client machine.

As all host keys are sent to every machine, the time needed to distribute a new host key to all hosts grows linearly with the number of hosts, and the time needed to redistribute all host keys to all hosts grows with the square (N²) of the number of hosts. Even though host key distribution is very fast, performing millions of key transfers to thousands of machines over the network can take several hours and results in gigabytes of network traffic.

These issues pose a limit on the number of host keys that can be handled in practice as the environment grows. There are two approaches to make the server authentication scale beyond a few thousand hosts; we recommend the first option:

  • Use public-key infrastructure (PKI) for server host authentication. You can apply the built-in CA of SSH Tectia Manager or a third-party PKI solution for server host identity management.

  • Install more than one instance of SSH Tectia Manager, and divide the hosts into logical management environments (for example, by division), so that only a few thousand hosts are under each management system.