Secure communications between machines are essential to the success of every enterprise. But how do you keep the identities of your machines safe when your administrators are adding machines and changing them every day? To build your own Secure Shell (SSH) machine identity management program, there are specific steps you need to take. These steps enable your organization to protect all the SSH machine identities you’re using today, and to keep up with the growing number of machines your enterprise will need moving forward.
1. Discover All Your SSH Machine Identities
You need to control all SSH machine identities in your environment, including who they belong to and what they’re used for. But first you must find them. A mix of discovery mechanisms and flexible reporting capabilities helps make this task run as quickly and smoothly as needed to find SSH keys across the enterprise.
2. Map All Trust Relationships
By running solid discovery, creating an inventory, and mapping SSH keys pairs, you get a clear overview of all SSH keys and trusted relationships, including users, hosts, and configuration options. Automatically importing trust relationship data into an existing privilege access management system for review leverages existing processes and facilitates an accurate review and tracking of approvals for access granted through SSH keys.
3. Identify and Remove
Any Orphaned and Duplicate Private Keys Implement a continuous proactive approach that scans for orphaned keys, monitors for duplicate key usage, and frequently replaces keys. Mapping all trust relationships also helps you identify any orphaned, shared, or duplicate keys that need to be removed — ideally by using automation. This step can have a big effect on the overall security posture of your enterprise environment and prevent further damage.
4. Implement Clearly
Defined SSH Key Management Policies To prevent the compromise of a key used by an authorized user, you should configure access controls on identity keys to restrict access to the interactive user or to the automated process to which they’ve been assigned. For automated processes, policies should define guidelines for assigning access to administrative staff responsible for managing identity keys.
5. Assign Ownership and Monitor Usage
One of the best ways to prevent the misuse of SSH machine identities is to understand who’s using them. That’s why it’s important that you assign ownership of all access granting keys and monitor and analyze key-based access usage.
Specifically, your organization should conduct SSH audits for compliance violations, assessing risk, and increasing accountability for identity and access management.
6. Control SSH Identities
Because SSH provides remote access into systems, it’s critical that access be tracked and controlled. Many organizations don’t have centralized oversight and control of SSH, so the risk of unauthorized access is increasing.
7. Control SSH Configuration and Known Host Files to Prevent Any Tampering
If you aren’t properly controlling and hardening the configuration of your SSH environment, cyber criminals can use SSH to bypass security mechanisms. An otherwise useful administrative short cut, such as enabling port forwarding, can leave your organization vulnerable. Malicious insiders or cyber criminals can use these authorized connections to bypass firewalls.
8. Enforce Inventory and Remediation Policies
Be prepared to respond quickly when there’s an issue with your SSH environment — removing unauthorized keys, replacing old keys, or enforcing security controls that limit the accessibility and use of SSH keys. Ideally, your organization should automate these and pair them with your identification tools. Doing so helps ensure consistent policy enforcement of SSH key life cycle management.
9. Establish Continuous Monitoring and Audit Process
Just as any part of the IT infrastructure, usage of SSH machine identities should be continuously monitored and reported on —monthly, weekly, or even daily. Building a set of metrics and sharing them with your peers on risk and information security teams help create a mindset and perhaps an incentive to building out stronger SSH policies. It also creates a trackable record of all changes to your organization’s SSH assets.
10. Automate the Whole Process
Time and resources are precious commodities for security operations teams. Automated capabilities like “single-click” machine-assisted key rotation, scheduled bulk cleanup of out-of-policy keys, or self-service managed key generation for system admins should be put into place to improve efficiencies, tighten security, and reduce errors introduced by manual processes.
How Can I Get Started?
SSH Protect, a vital part of the Venafi Trust Protection Platform, is your centralized solution to all things machine identity management. Not only can you discover and manage all your SSH certificates and keys, take control of your TLS certificates, code signing, and more!