European Reseller

Helping bring new products to market

Thursday, May 23rd

Last updateTue, 09 Apr 2019 11pm

You are here: Home Security Best Practices for Secure Shell Key Management
Hand Held

Best Practices for Secure Shell Key Management

Tatu Ylonen WEB CEO  founder SSH Comunications


By Tatu Ylönen, CEO and founder, SSH Communications Security

Over the years, large enterprises have seen an increase in the number of security threats they have encountered.

Many of these organizations house large volumes of data that often contains sensitive information. This information could include intellectual property, customer analytics, or financial records.

When this data is transferred throughout the organization’s network, it is at risk of being compromised by an internal, or external security breach.

Today, the Secure Shell (SSH) data-in-transit protocol is used by nearly every major organization – including governments, financial institutions and large enterprises – in order to safeguard data as it is transferred through the network. Such protocols also allow for administrators to access and manage systems remotely.

Secure shell works by creating a joint pair of encryption keys – one key is placed on the server and the other on the user’s machine – and the data transferred between the two is encrypted. Although secure shell keys protect the information as it’s transferred, there are significant oversights in the deployment and management of these keys that can lead to network vulnerabilities.

Such errors leave organizations vulnerable to security attacks as well as non-compliancy to federal regulations. In order to prevent such incidents, there are best practices that organizations can put in place to resolve the current mismanagement of secure shell keys.

Look Behind the Curtain

Secure shell key mismanagement is a problem that flies under the radar of many organizations, even though it poses significant threats. Concealed by its highly technical nature and constant organizational challenges, the problem has remained buried in the IT department. System administrators are often unaware of the problem, due to a lack of understanding of the consequences. In the event that executives and other business managers are notified of the problem, they are often consumed by other company responsibilities, making it difficult for them to explore the issue further, let alone remedy the problem.

Many major enterprises, governments and financial institutions have reported that they have between eight and over a hundred encryption keys in their networks that grant access to each Unix/Linux server. Several of these keys permit high-level root access, leaving servers defenseless to malicious attackers. Insiders, as well as anyone who has ever been allowed server access, such as contractors, have the ability to use these keys to acquire unauthorized access to servers.

Virus Threat Vector

The likelihood of a secure shell key being used as a vessel to gain access to secured information increases daily. Recently, network breaches have received an astounding amount of media attention due to the increases in innovative methods being executed by hackers. Implementing secure shell keys as an attack vector in a virus is simple and involves only a few hundred lines of code. Once a virus gains access, it can manipulate mismanaged keys to achieve further access across servers.

Key-based access networks are so tightly interlaced that once a virus gains access it could take down all of the servers within an organization, especially if the virus was to use other attack routes to elevate privileges after breaching a server. Considering the large volume of keys being distributed, a virus could corrupt virtually all servers, including disaster recovery and backup machines, in a matter of minutes.

Under the worst circumstances, a virus using various attack routes could spread Internet-wide and converge with destructive technologies, potentially corrupting vast amounts of data

The Threat of Noncompliance

Organizations who do not implement proper secure shell key management procedures are not only at risk of security breaches; they also risk being non-compliant with mandated regulations. Industry requirements such as FISMA, SOX, HIPAA and PCI, require that organizations sustain control over server access and maintain the ability to terminate such access.

Secure shell key protocols themselves are not flawed. The error lies within faulty guidelines, such as:

  • Insufficient time and resources to research the issue and develop solutions
  • A lack of understanding of the consequences of the problem
  • Hesitation of auditors to flag issues that they cannot solve effectively

Secure shell key mismanagement should not be dismissed for lack of understanding. If organizations fail to implement the appropriate auditing, control and termination of secure shell key-based access to their IT systems and data, they will remain an easy target for hackers.

Best Practices

The proper support and involvement from within the organization is necessary to resolve secure shell key mismanagement.

Important first steps an organization can take are:

  • Pinpointing who has access to what and identifying all existing trust-relationships
  • Monitoring the environment in order to determine which keys are used and removing keys no longer in use
  • Automating key setups and key removals to eliminate manual work and human error, reducing the number of administrators from several hundred to virtually none
  • Managingwhich commands can be executed using each key and where the key execution can occur
  • Requiringproper processes for all key setups and other key operations
  • Circulating keys, i.e., changing every authorized key (and corresponding identity keys) regularly, so that any compromised or duplicate keys cease to work

In Conclusion

Many major government agencies as well as Fortune 500 companies are negligent when it comes to monitoring secure shell key environments. In order to thoroughly address the issue, organizations will need to make significant investments in training programs for their employees. Upper-level management and executives must make secure shell key management a priority to ensure that their organization is not a target for security attacks.

Secure shell has maintained its place as the industry standard for data-in-transit security. However, current security risks demand that organizations take critical steps to improve secure shell key-based access in their network environments moving forward.

About the Author:

Tatu Ylönen is the CEO and founder of SSH Communications Security. While working as a researcher at Helsinki University of Technology, Tatu Ylönen began working on a solution to combat a password-sniffing attack that targeted the university’s networks. What resulted was the development of the secure shell (SSH), a security technology that would quickly replace vulnerable rlogin, TELNET and rsh protocols as the gold standard for data-in-transit security.

Tatu has been a key driver in the emergence of security technology, including SSH & SFTP protocols and co-author of globally recognized IETF standards. He has been with SSH since its inception in 1995, holding various roles including CEO, CTO and as a board member.

In October 2011 Tatu returned as chief executive officer of SSH Communications Security, bringing his experience as a network security innovator to SSH’s product line. He is charting an exciting new course for the future of the space that he invented.

Tatu holds a Master of Science degree from the Helsinki University of Technology.