Rather than logging into servers with traditional usernames and passwords, many administrators use SSH keys to authenticate user access. Most large organizations use SSH across at least 1,000 systems. However, if these SSH keys aren’t managed correctly, they can open up thousands of vulnerabilities for a security breach.
Knowing where your SSH keys are stored and how you should manage them is crucial to protecting your organization from cyber criminal attacks.
What are SSH keys?
Secure Socket Shell (SSH) is a cryptographic network protocol that provides authentication between the server and the client to allow users to securely access network services over an unsecured network. SSH protects information by using public keys to encrypt data and private keys to decrypt them. Instead of logging into a server with a username and password, administrators usually authenticate with SSH keys.
All enterprise organizations use SSH keys to authenticate users and establish trusted access to systems. SSH keys are commonly used to automate file transforms and allow for secure management of routers, applications servers, firewalls, virtual machines, cloud instances, and more.
SSH keys simplify permission management by allowing administrators to grant access to groups of users based on their role or other qualifications. SSH keys also allow for easy access revocation when employees no longer work at the company. However, if compromised, SSH keys can be used by cyber criminals to gain privileged access to servers. The significance of SSH keys requires administrators to pay attention to where SSH keys are stored and how they are managed.
How do SSH keys work?
SSH keys work by encrypting data that is exchanged between two parties using a client-server model. The server listens to a designated port for connections while the client begins the Transmission Control Protocol (TCP) handshake with the server. Then the server and the client negotiate encryption for the session to create a shared secret key that is used to encrypt all the communication that follows.
Once the client and server have the shared secret key, they authenticate themselves. The server uses a public key to encrypt a message and send it to the client. Assuming the client has the correct private key, they can decrypt the message and send it back to the server for verification.
Where are SSH keys stored?
If you don’t know the location of your SSH keys and who has access to them, there is no way to determine if keys have been stolen, misused, or shouldn’t be trusted. Only 10% of large organizations have a complete and accurate SSH key inventory, meaning the other 90% are putting themselves at risk.
There are countless SSH implementations, such as Tectia SSH client & server, PuTTY client, WinSCP client, CyberDuck client, and OpenSSH server. Each of these clients stores SSH keys differently. Organizations that don’t maintain an accurate SSH key inventory aren’t prepared to act quickly if their SSH keys require remediation. Further contributing to the problem, many Privileged Access Management (PAM) solutions don’t cover SSH keys used to automate machine-to-machine authentication. This leaves critical business functions at risk.
How should SSH keys be managed?
An SSH management platform takes all the confusion out of tracking SSH keys and makes for a more secure environment. With a management platform like Venafi, organizations gain complete visibility over all keys and certificates. Organizations should be able to:
- Identity all encryption assets
- Monitor for vulnerabilities
- Detect anomalies
- Enforce policies
- Automate key rotation
Benefits of well-managed keys
Protected SSH keys offer a host of benefits that extend beyond improved security. When keys are well managed, organizations have full visibility into their SSH servers, private keys, and authorized keys that grant SSH access. Having a full list in one place allows administrators to detect vulnerabilities and resolve them quickly.
With proper management, administrators can tie SSH keys back to a single individual, allowing for an effective audit trail. This helps organizations know when an individual’s access needs to be changed or revoked due to misconduct or a change in employment.
Risks of poorly managed keys
Without proper management of SSH keys, organizations are at risk of regulatory non-compliance. This non-compliance can mean violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), and the General Data Protection Regulation (GDPR).
It’s easy for individuals who shouldn’t have administrative access anymore to slip through the cracks. Because SSH keys don’t expire, employees who have left the organization may still have access to sensitive information or systems. SSH key rotation is one way to mediate the risks of old SSH keys. However, 63% of respondents in a Venafi study admitted they don’t actively rotate keys — even when an administrator leaves their organization.
Secure your organization with Venafi SSH Protect
SSH keys are critical to business function, but it’s easy to lose track of where SSH keys are stored and who has access to them. Your organization has thousands of SSH connections and each one can lead to a security breach if not protected. With Venafi SSH Protect, you can discover and report on how many SSH keys are active in your organization, which systems they are being used on, and who has access to them. This full automated visibility keeps your organization secure and allows you to scale operations.