Controlling access to your hosted Linux® servers via SSH key management for Google Compute Engine™ (GCE) is a critical part of ensuring that your Linux cloud infrastructure is secure. With more IT organizations shifting their data centers to the cloud, they have many options for which service to use. GCE is a popular choice – along with Amazon® Web Services (AWS) and Microsoft® Azure®. With these servers hosted in the cloud, it is extremely important to have a sure way of accessing them. This problem of secure access leads the great majority of organizations to use SSH (Secure Shell) keys to secure access to their cloud infrastructure.
SSH key-based access is generally viewed as being more secure than a username and password. That’s because a password is generally a combination of words and letters with the occasional symbol thrown in for good measure, and it is usually not longer than 10 or so characters. On the other hand, if a user were to use a 2048-bit RSA key, that key would be similar to a 617-digit password. Brute force attacks? Good luck with a password of that length.
How Do You Generate an SSH Key?
First off, SSH keys come in pairs that users can generate themselves. It’s imperative for security that IT admins never generate an end user’s SSH keys. A private key is something that only the end user should have. Users can create SSH keys on Windows by using an SSH client called PuTTY. Mac® and Linux® users can generate their own SSH keys by using the terminal, no additional software required. When a key is generated, the program or terminal outputs both a public and a private key. Users keep the private key to themselves on their system while distributing their public key to the servers that they need access to. It’s like a two-way password: the public key needs the private key in order to authenticate a user.
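To make the 617-digit comparison and the role of the distributed public key concrete, the following added example (not from the original post) parses an OpenSSH `ssh-rsa` public key line, as stored in a server's authorized_keys file, and reports the modulus size in bits and decimal digits. The sample line is built from a constructed 2048-bit number rather than a real key, the name `inspect_public_key` is hypothetical, and lines carrying an options prefix are assumed not to occur.

```python
import base64
import struct

def _pack(data: bytes) -> bytes:
    """Length-prefixed field used by the SSH wire format (RFC 4251 'string')."""
    return struct.pack(">I", len(data)) + data

def _mpint(n: int) -> bytes:
    """Positive multi-precision integer: big-endian, top bit kept clear."""
    return _pack(n.to_bytes(n.bit_length() // 8 + 1, "big"))

def _fields(blob: bytes):
    """Yield each length-prefixed field; reject truncated blobs."""
    off = 0
    while off < len(blob):
        if off + 4 > len(blob):
            raise ValueError("truncated length prefix")
        (size,) = struct.unpack_from(">I", blob, off)
        off += 4
        if off + size > len(blob):
            raise ValueError("truncated field")
        yield blob[off:off + size]
        off += size

def inspect_public_key(line: str) -> dict:
    """Parse one 'ssh-rsa <base64> [comment]' line as found in authorized_keys."""
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("not a public key line")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2].strip() if len(parts) == 3 else ""
    fields = list(_fields(base64.b64decode(b64, validate=True)))
    if key_type != "ssh-rsa" or len(fields) != 3 or fields[0] != b"ssh-rsa":
        raise ValueError("unsupported or inconsistent key type")
    modulus = int.from_bytes(fields[2], "big")  # fields[1] is the public exponent
    return {"type": key_type, "bits": modulus.bit_length(),
            "decimal_digits": len(str(modulus)), "comment": comment}

# Constructed sample: an arbitrary 2048-bit odd number standing in for a modulus.
# It is not a real key and has no matching private key.
SAMPLE_N = (1 << 2047) | 1
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(
    _pack(b"ssh-rsa") + _mpint(65537) + _mpint(SAMPLE_N)).decode() + " alice@example"

if __name__ == "__main__":
    print(inspect_public_key(SAMPLE_LINE))
```

Run over each line of an authorized_keys file, the same function gives a quick inventory of which RSA keys fall below the size an organization requires.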
But, this system creates risk as well. When users are creating SSH keys themselves, there is often no (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/ssh-key-management-for-gce/