Host Key

A host key is a cryptographic key used for authenticating computers in the SSH protocol.

Host keys are key pairs, typically using the RSA, DSA, or ECDSA algorithms. Public host keys are stored on and/or distributed to SSH clients, and private keys are stored on SSH servers.

Host Keys Should Be Unique

Each host (i.e., computer) should have a unique host key. Sharing host keys is strongly discouraged and can leave the hosts vulnerable to man-in-the-middle attacks. However, in computing clusters sharing host keys may sometimes be acceptable and practical.

Host Keys in OpenSSH

In OpenSSH, host keys are usually stored in the /etc/ssh directory, in files starting with ssh_host_<rsa/dsa/ecdsa/ed25519>_key (the location can be changed in server configuration files).

Host keys are normally generated automatically when OpenSSH is first installed or when the computer is first booted. The ssh-keygen program can be used for generating additional host keys or for replacing existing keys.

Known Host Keys

SSH clients store host keys for hosts they have ever connected to. These stored host keys are called known host keys, and the collection is often called known hosts. In OpenSSH, the collection of known host keys is stored in /etc/ssh/known_hosts and in .ssh/known_hosts in each user's home directory.
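The uniqueness requirement above and the known_hosts format described here can be checked together from the client side: a key that is presented under more than one host entry is either a shared host key or the same host recorded under several names. The following is an added example, not code from the original page; it parses OpenSSH known_hosts lines (plain, hashed and marker-prefixed), computes the OpenSSH-style SHA256 fingerprint, and reports keys that appear in more than one entry. The sample entries and key blobs are constructed, not real keys.

```python
import base64
import hashlib
from collections import defaultdict

def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode()

# Constructed sample known_hosts content: the key blobs are arbitrary bytes,
# not real keys, so the parser and grouping can be exercised offline.
KEY_A = _b64(b"constructed-host-key-blob-A")  # same key on two hosts
KEY_B = _b64(b"constructed-host-key-blob-B")
KEY_C = _b64(b"constructed-host-key-blob-C")  # revoked entry
SAMPLE_KNOWN_HOSTS = f"""\
# comment lines and blank lines are permitted
web1.example.com,10.0.0.11 ssh-ed25519 {KEY_A} ops-team
web2.example.com ssh-ed25519 {KEY_A}
|1|{_b64(b'salt')}|{_b64(b'hashed-host')} ssh-rsa {KEY_B}
@revoked old.example.com ecdsa-sha2-nistp256 {KEY_C}
"""

def parse_known_hosts(text: str) -> list:
    """Return (marker, host_field, key_type, key_b64) per entry. The host field
    is kept verbatim: a comma-separated name list or a hashed '|1|salt|hash'."""
    entries = []
    for line in text.splitlines():
        fields = line.strip().split()
        if not fields or fields[0].startswith("#"):
            continue
        marker = fields.pop(0) if fields[0].startswith("@") else None
        if len(fields) < 3:
            continue  # malformed entry; OpenSSH skips these as well
        entries.append((marker, fields[0], fields[1], fields[2]))
    return entries

def fingerprint(key_b64: str) -> str:
    """OpenSSH-style fingerprint: SHA256 of the key blob, base64, no padding."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def find_shared_keys(text: str) -> dict:
    """Map fingerprint -> host fields for every key present on more than one
    entry. Entries for one host under several names, and hashed entries, also
    show up here, so treat the output as a list to review, not a verdict."""
    by_fp = defaultdict(list)
    for marker, host_field, _type, key_b64 in parse_known_hosts(text):
        if marker == "@revoked":
            continue  # revoked keys are rejected by the client anyway
        by_fp[fingerprint(key_b64)].append(host_field)
    return {fp: hosts for fp, hosts in by_fp.items() if len(hosts) > 1}
```

Run it against the contents of /etc/ssh/known_hosts or ~/.ssh/known_hosts; the fingerprints it prints match what `ssh-keygen -lf` shows for the same keys, which makes it easy to confirm a finding against the servers themselves.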

Management of Host Keys

Host keys are cryptographic keys. The private keys should only be accessible to root. However, system administrators having root access to a server can obtain the server's private host key. Likewise, if an attacker gains root access to the server, he can obtain a copy of the private host key.

Once the attacker has a copy of the private host key, he can perform man-in-the-middle attacks on the network to obtain user passwords and to inject new commands in other administrative sessions.

It is important to regularly change host keys. This is a complicated process, because every client that knows the old key must learn the new one, and it has to be done with due diligence.

Host Certificates

Some SSH implementations support using certificates for authenticating hosts.

Tectia SSH supports standards-compliant X.509 certificates for host authentication. This allows the host certificates to be generated and managed using normal certificate management tools in an enterprise.

The free open source OpenSSH only supports its own proprietary certificate format. Using them requires developing and maintaining internal tools for host certificates.

Using host certificates instead of traditional host keys is generally strongly recommended. We have customers using X.509-compliant host certificates with Tectia SSH on over 40,000 hosts in a single enterprise.

User Keys

Security architects and administrators should also be aware of the ubiquitous use of SSH keys for user authentication. They are access credentials that should be taken into account in identity and access management.

It turns out that many organizations have 10 times as many SSH keys as they have traditional user names and passwords granting access to their servers. Organizations that use SSH should assess their risks and based on the results, start planning for deploying SSH key management as an urgent endeavor. Due to their high numbers, the risk involved, and potentially very costly compliance ramifications, addressing SSH keys is one of the top-five critical security problems in enterprises today.

Tools for SSH Host Key Management

Host key management should be seen as part of broader SSH key management.

The Universal SSH Key Manager is the tool with the largest number of large deployments.