Managing access to servers has been changing. It goes part and parcel with the fact that IT infrastructure itself has shifted with the advent of the cloud. The downstream result is that the benefits of SSH key management highlight a core reason to shift to modern server infrastructure. It all revolves around security.
Active Directory®, IAM, and SSH Keys
Traditionally, server environments were hosted in on-prem data centers or collocated environments. User access to these data centers and/or collocated environments was managed by Microsoft®Active Directory®. For users, it was easier to connect to Windows servers because their username and password for their Windows laptops did double duty. Their one set of credentials enabled access to their systems as well as the servers they needed. It was a relatively painless process.
The challenge clouding this approach deals with secure identity and access management (IAM) practices. While it was easier for end users to access servers with standard passwords, it was also more risky. The reason for this risk stems from the fact that passwords are much easier to hack than cryptographic keys. In fact, a popular encryption method is RSA 2048-bit encryption, which is essentially equal to a 617-digit password. Clearly, that’s much more secure than most users passwords that can sometimes be as complex as “1234567” and “qwerty.”
While SSH keys were much more secure than simple username and password combinations, their usage was far more prevalent on Unix/Linux®-based systems than their Windows®-based counterparts. SSH key management frankly didn’t reside at the top of mind for most Windows-focused IT admins. That is, until shifting infrastructure usage models began to impact most everybody in the IT world.
AWS®Drives SSH Key Usage
When the shift to the Linux and cloud server infrastructure began, the need for SSH key management really picked up. Amazon Web Services® (AWS®) helped to drive the adoption of SSH keys and their subsequent need for management. AWS required (and still does) leveraging SSH keys for users to gain access to their hosted Linux (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/ssh-key-management-benefits/