The use of SSH keys is growing dramatically, with many large organizations holding millions of them. An SSH key pair is used to log into remote systems like servers hosted in AWS®. The most popular kind of SSH key pair is essentially a 617-digit-long password, which is one of the reasons for the growing trend of using SSH keys instead of traditional passwords. As IT and DevOps organizations become more cognizant of security issues and the use of cloud infrastructure such as AWS grows, IT organizations can’t help but ask: what does the future of SSH key management hold?
It’s a fair question, especially when studies deliver alarming statistics like the following:
- Dimensional Research found that 90% of respondents reported they did not have a complete and accurate inventory of all the SSH keys used in their environment (BusinessWire).
- SSH.com discovered one of their customers had 3 million SSH keys and 90% of them were no longer in use, but still granted access to live production servers (SSH.com).
The good news is that a modern identity management solution, JumpCloud® Directory-as-a-Service®, is not only making SSH key management easier but also centralizing authentication to all of the IT resources used in your IT environment. First, let’s briefly take a look at why SSH key management has been a hassle.
SSH Key Management Challenges
SSH keys are often a painful part of the IT management process despite the increased security they provide. This is because each user’s public SSH key needs to be distributed to every server that person needs to access. If your organization is of a decent size with many users and systems, the matrix of who has access to what can get complicated quickly.
This is often why SSH key management ends up being simplified, with either users getting access to every machine or users sharing a set of SSH keys. Neither of these is a great solution because of the increased risk each one generates. If every (Read more...)
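The access matrix and the shared-key problem described above can be audited from collected `authorized_keys` files. The following is an added example, not code from the original post or from JumpCloud; the host names, account names and key material are constructed, and `build_matrix`, `shared_keys` and `sample_key` are hypothetical helper names.

```python
import base64
import hashlib
import struct

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64, validate=True)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Yield (fingerprint, comment) per key line; skip blanks, comments, junk."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        for i, tok in enumerate(fields[:-1]):  # options may precede the key type
            if tok in KEY_TYPES:
                try:
                    yield fingerprint(fields[i + 1]), " ".join(fields[i + 2:])
                except ValueError:  # malformed base64: not a usable key line
                    pass
                break

def build_matrix(files):
    """Map fingerprint -> set of (host, account) where that key grants login."""
    matrix = {}
    for (host, account), text in files.items():
        for fp, _comment in parse_authorized_keys(text):
            matrix.setdefault(fp, set()).add((host, account))
    return matrix

def shared_keys(matrix):
    """Fingerprints installed under more than one account name (likely shared)."""
    return {fp for fp, locs in matrix.items() if len({a for _, a in locs}) > 1}

def sample_key(seed):
    """Constructed ed25519-format key line for the demo; not a real key."""
    blob = struct.pack(">I11sI", 11, b"ssh-ed25519", 32) + hashlib.sha256(seed).digest()
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

ALICE, BOB, TEAM = sample_key(b"alice"), sample_key(b"bob"), sample_key(b"team")
SAMPLE = {  # constructed inventory: (host, account) -> authorized_keys contents
    ("web1", "alice"): ALICE + " alice@laptop\n",
    ("web1", "bob"): "# bob's keys\n" + BOB + " bob@laptop\n" + TEAM + " deploy\n",
    ("db1", "alice"): 'from="10.0.0.0/8" ' + ALICE + " alice@laptop\n" + TEAM + " deploy\n",
}
```

Calling `build_matrix(SAMPLE)` gives the key-to-server matrix, and `shared_keys` on that result returns only the fingerprint of the constructed `deploy` key, which is installed under both the `alice` and `bob` accounts.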
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/future-of-ssh-key-management/