SSH – Key Management and Best Practices

Secure Socket Shell (SSH), also known as Secure Shell, for convenience, is a popular protocol that operates on the principle of public key cryptography. Primarily used to secure private transactions, they are leveraged to institute authentication on both the server-side and client-side. It is important to note that the Secure Shell is used to encrypt data flowing to and from a remote system. Some typical use-cases of this kind of cryptography include system-to-system file transfers, remote logins into computer systems, and automated server access without having to manually log in.

One of the biggest benefits of SSH Keys is their resilience against cyber exploits, such as brute-force attacks, given that passwords are not required to be exposed over the web in the transaction. It also features most of the key capabilities of PKI and fundamentally works on the principle of public-private key pairs.

To the uninitiated, SSH Keys and x.509 certificate-based authentication (which also involves public and private keys) might seem similar, but in truth, they could not be any more different.

SSH Keys vs x.509 Certificates – Key Differences:

While x.509 certificates rely on digital certificates and issuing bodies (Certificate Authorities) to sign private keys, SSH Keys are not governed by any institution. They are created, circulated, and used within transacting partners and organizations, and can be managed without any external interference.

That aside, they also possess functionality that their counterparts don’t – the ability to enable remote access to systems. On the other hand, TLS certificates cannot provide that sort of functionality on its own, unless deployed alongside other protocols like FTP.

Risks associated with SSH Keys:

The absence of a governing body presents a veritable challenge in managing SSH keys – a lack of organization. SSH Keys are generated based on need, and when ad-hoc processes govern the issuance of these keys, there’s bound to be key sprawl. This means keys are discarded once they are declared useless or vulnerable, and a lack of inventory renders them difficult to keep an eye on – considering the fact that large organizations may possess hundreds of thousands of SSH keys on file. However, their presence on the server makes them possible back-doors to potential hackers, which can then be abused to conduct data espionage, theft, or breaches.

Key rotation, another important function, is often ignored by administrators. A stale key presents a weak link to malicious actors, which can, again, be abused to exploit network resources.

SSH Key Management Best Practices:

If you do not possess organizational directives toward SSH key handling, it would be in your best interest to institute one now. Enforcing strict policy, exercising audit tracking, and possessing full control and visibility into the SSH key infrastructure can go a long way towards bettering the cyber health of the org. Automation of management is also an excellent way to do this – there are tools available that can actively manage and automate the entire SSH key lifecycle. In the meantime, here are some best practices you can start following immediately to take your cybersecurity up a notch.

Gain Complete Visibility:

Only by finding and locating the keys on your system can you protect them adequately. Run periodic discovery scans across your network with an appropriate tool to locate and inventory all SSH keys. Once this is done, map them with the endpoints they are tied to, and tag them with all the information an administrator would need while dealing with them, such as passcodes

Rotate Keys Regularly:

Stale SSH keys present a golden window of opportunity to hackers who may try to crack their passcodes and infiltrate the server. Set up policy that enforces regular generation, re-keying, and rotation of SSH keys, and ensure that all stakeholders are duly notified when this happens. Care must be taken NOT to reuse passcodes, and to use fresh credentials each time. Automating this process in large organizations can save several man-hours and significant operational costs.

Enforce Audit and Policy:

Create org-wide policy, and ensure that operations/IT personnel adhere to it – For instance, policies on regular key rotation. Furthermore, make liberal use of audit trails using specialized software, in line with industry regulations, to maintain tabs on the use, reuse, and application of all your SSH keys.

Create Role-based Permissions:

Prohibit access and modification of SSH Keys or their credentials by all the personnel in your team(s). Use directory services to provide different levels of privilege for each user category, to prevent haphazard control and promote audit trail.

Avoid the Use of Hard-coded Keys:

When SSH keys are built-into or packaged with software applications, they present a dangerous security vulnerability. Why? Since they’re governed by passphrases, a carelessly issued SSH key with a weak passphrase may be the weak link in an application that hackers could potentially exploit, compromising the integrity of the entire applications. Ensure that SSH keys are centrally managed by a dedicated management system.

If you’d like professional assistance with setting up a scalable SSH key management system, feel free to reach out to us at www.encryptionconsulting.com, and to discover the capabilities of an SSH key lifecycle management and automation tool and how it can fit into your IT processes, visit https://www.appviewx.com/products/cert/