SSH Key Management for Businesses
SSH is one of the most widely used protocols for connecting to and from UNIX and Linux systems. SSH, or Secure Shell, was developed to replace the plain text Telnet protocol with encrypted communications between clients and host systems. You probably are familiar with the free Windows PuTTY client software that performs SSH and other types of connectivity between Windows and UNIX or Linux systems.
SSH communicates over a secure connection and uses encrypted traffic between the client and server. That’s good but how does SSH authenticate a legitimate client against a server without sending unencrypted passwords over a connection? SSH uses keys. Using SSH keys, you can authenticate your client to a server without sending a password. This method reduces the threat of brute force password attacks to near nil. The reason is that it’s next to impossible to guess the correct credentials, while passwords, no matter how complex, are still sometimes guessable.
Keys are especially useful in situations where system administrators desire to use secure communications for automating tasks between remote systems.
Features of the SSH Protocol
- Strong encryption
- Strong authentication
- Communication integrity
- Tunneling and Forwarding
Keys also help identify servers to clients. For example, when you connect to a remote system for the first time, a key is stored in your personal key store. That remote system key is checked each time you connect to the remote host. If the host’s key changes or if someone is attempting to hijack your session, you’ll receive a notification that the host’s key has changed, warning you to go ahead if you trust the new connection information or to disconnect safely.
One of SSH’s best features is the ability to tunnel insecure protocols over its secure communications. Tunneling occurs when you setup a secure link between systems using SSH and a local port forwarded to a remote system’s insecure port. This allows you to encrypt traffic to a remote email server from your local system so that all traffic between the two is encrypted. For example, you can setup ssh to “listen,” on say, local port 2000, to communications with some remote system on the insecure port, 25 (Sendmail).
SSH Keys seem like a no lose prospect for administrators. However, there’s no perfect situation or protocol. Keys must be managed. Users leave companies sometimes on less than desirable terms, systems go through changes and best security practices require that keys be refreshed. Most organizations either don’t handle key management at all or handle it on an ad hoc basis and in a manual way. For organizations of any size, such relaxed management is not only a security risk, it also violates some regulatory standards.
The answer is to manage those keys using a software suite that provides insight into your environment, helps you stay safe and compliant, and does so at a reduced cost compared to labor-intensive manual management.
Key management basically answers the question, “Who has access and to what do they have access?” This is not an easy question to answer without a centralized management suite. In fact, if your organization doesn’t have any key management in place, ask the question, “Who has access and to what do they have access?” And, remind the person or persons whom you’re asking that active user accounts do not correlate with actual access.
In most environments, no one has the time nor takes the time for key management. Key management has become an afterthought. That is, until there’s a security breach or security compliance audit.
A key management suite shows you all relationships between systems and user accounts. You can see, graphically, who has access and to what they have access. Key management isn’t to be taken lightly. While it’s almost impossible to spoof a connection or masquerade as a legitimate system, it is possible through the use of stolen keys, to break into systems meant for simple automation or passwordless logins.
This does not imply that either of those scenarios is a security flaw or SSH flaw but a vulnerability that can be mitigated through the use of a good key management suite. A simple demonstration will convince you that you need to implement a key management program in your organization.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.