SSH or Secure Shell or Secure Socket Shell is a network protocol is how users, sysadmins can access other computers over an unsecured network.
SSH provides strong password and/or public key authentication using which a sysadmin or network admin can connect to any computer or application remotely, execute commands and also move files using SFTP or SSH File Transfer Protocol.
Where can we use SSH?
We can use SSH protocol in various scenarios such as:
Providing secure access for users and automated processes
Interactive and automated file transfers
To issuing remote commands
Managing network infrastructure and other mission-critical system components
How does SSH work?
SSH protocol works in a client-server architecture, thus an SSH client connects securely to an SSH server. SSH client would drive the connection set up process and use Public Key Infrastructure to verify the authenticity of the SSH server. Following the setup, SSH protocol uses strong symmetric encryption and hashing algorithm to ensure privacy, and integrity of the data exchanged.
Several options can be used for user authentication. The most common ones being passwords and public key authentication.
Public Key authentication is mostly used for automated purposes and system administrators for single sign-on. There are two keys namely, the public key and the private key. The public key is configured to the server, and anyone with the private key is granted access to the server and authentication respectively. These private keys are also called SSH Keys.
SSH Key-based authentication is primarily used to enable security automation. We can have automated secure file transfers, automated systems, and also bulk configuration management which can turn out to be helpful.
Using SSH protocol to communicate can be beneficial as SSH provides strong encryption over the messages transferred and also integrity protection against any attacks. Once the connection is established between the SSH client and the SSH server, the data is encrypted using the parameters that were exchanged during the setup. During the setup, symmetric encryption is agreed upon, and keys are exchanged to continue the communication via symmetric encryption. The data transferred between the client and the server is encrypted using industry-standard strong encryption algorithms (such as AES), and the data is also hashed to ensure the integrity of the data being transferred. A hashing algorithm such as SHA-2 is used for this purpose.
Secure Socket Shell (SSH), also known as Secure Shell, for convenience, is a popular protocol that operates on the principle of public key cryptography. Primarily used to secure private transactions, they are leveraged to institute authentication on both the server-side and client-side. It is important to note that the Secure Shell is used to encrypt data flowing to and from a remote system. Some typical use-cases of this kind of cryptography include system-to-system file transfers, remote logins into computer systems, and automated server access without having to manually log in.
One of the biggest benefits of SSH Keys is their resilience against cyber exploits, such as brute-force attacks, given that passwords are not required to be exposed over the web in the transaction. It also features most of the key capabilities of PKI and fundamentally works on the principle of public-private key pairs.
To the uninitiated, SSH Keys and x.509 certificate-based authentication (which also involves public and private keys) might seem similar, but in truth, they could not be any more different.
SSH Keys vs x.509 Certificates – Key Differences:
While x.509 certificates rely on digital certificates and issuing bodies (Certificate Authorities) to sign private keys, SSH Keys are not governed by any institution. They are created, circulated, and used within transacting partners and organizations, and can be managed without any external interference.
That aside, they also possess functionality that their counterparts don’t – the ability to enable remote access to systems. On the other hand, TLS certificates cannot provide that sort of functionality on its own, unless deployed alongside other protocols like FTP.
Risks associated with SSH Keys:
The absence of a governing body presents a veritable challenge in managing SSH keys – a lack of organization. SSH Keys are generated based on need, and when ad-hoc processes govern the issuance of these keys, there’s bound to be key sprawl. This means keys are discarded once they are declared useless or vulnerable, and a lack of inventory renders them difficult to keep an eye on – considering the fact that large organizations may possess hundreds of thousands of SSH keys on file. However, their presence on the server makes them possible back-doors to potential hackers, which can then be abused to conduct data espionage, theft, or breaches.
Key rotation, another important function, is often ignored by administrators. A stale key presents a weak link to malicious actors, which can, again, be abused to exploit network resources.
SSH Key Management Best Practices:
If you do not possess organizational directives toward SSH key handling, it would be in your best interest to institute one now. Enforcing strict policy, exercising audit tracking, and possessing full control and visibility into the SSH key infrastructure can go a long way towards bettering the cyber health of the org. Automation of management is also an excellent way to do this – there are tools available that can actively manage and automate the entire SSH key lifecycle. In the meantime, here are some best practices you can start following immediately to take your cybersecurity up a notch.
Gain Complete Visibility:
Only by finding and locating the keys on your system can you protect them adequately. Run periodic discovery scans across your network with an appropriate tool to locate and inventory all SSH keys. Once this is done, map them with the endpoints they are tied to, and tag them with all the information an administrator would need while dealing with them, such as passcodes
Rotate Keys Regularly:
Stale SSH keys present a golden window of opportunity to hackers who may try to crack their passcodes and infiltrate the server. Set up policy that enforces regular generation, re-keying, and rotation of SSH keys, and ensure that all stakeholders are duly notified when this happens. Care must be taken NOT to reuse passcodes, and to use fresh credentials each time. Automating this process in large organizations can save several man-hours and significant operational costs.
Enforce Audit and Policy:
Create org-wide policy, and ensure that operations/IT personnel adhere to it – For instance, policies on regular key rotation. Furthermore, make liberal use of audit trails using specialized software, in line with industry regulations, to maintain tabs on the use, reuse, and application of all your SSH keys.
Create Role-based Permissions:
Prohibit access and modification of SSH Keys or their credentials by all the personnel in your team(s). Use directory services to provide different levels of privilege for each user category, to prevent haphazard control and promote audit trail.
Avoid the Use of Hard-coded Keys:
When SSH keys are built-into or packaged with software applications, they present a dangerous security vulnerability. Why? Since they’re governed by passphrases, a carelessly issued SSH key with a weak passphrase may be the weak link in an application that hackers could potentially exploit, compromising the integrity of the entire applications. Ensure that SSH keys are centrally managed by a dedicated management system.