
SSH key management a potential risk

We've long said that while we love SSH, SSH key management is a weak point, especially if you need to meet compliance requirements such as PCI. Now Charles Kolodgy of IDC is saying the same thing:

"An interesting unintended consequence of SSH is that an SSH connection can be used to bypass access control mechanisms such as password-based systems," Kolodgy recently wrote. "If a system account--operating systems, middleware, databases, and applications for running processes--has a key association, a user can make a connection to the system account, circumventing the standard password-based authentication. This access is made possible because the SSH key association provides acceptable authentication."

It's best to have all of your authentications go through the same process, and that process should include a stop at your enterprise directory, whether Active Directory or LDAP. That way, all your remote access authentications are handled the same way, whether it is an admin logging into a database server or a VP checking email via the VPN. Users need to be disabled quickly and securely by the proper people in an organization. The more access or power they have, the more important that is.
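The key associations Kolodgy describes can be inventoried per account, so you know which logins never touch the directory. The following Python is an added example, not code from the original post: it lists every account that has an authorized key and marks system accounts. The UID threshold, the function names and the sample passwd and key data are assumptions constructed for illustration.

```python
import re

# Assumption: UIDs below 1000 are system/service accounts (a common Linux default).
SYSTEM_UID_MAX = 999
KEY_TYPE = re.compile(r"^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-\S+|sk-\S+@openssh\.com)$")
# Split on whitespace, but keep double-quoted option values (which may contain spaces) whole.
TOKEN = re.compile(r'(?:[^\s"]|"(?:\\.|[^"\\])*")+')

def parse_authorized_keys(text):
    """Yield (options, key_type, key_blob, comment) for each key line."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = TOKEN.findall(line)
        idx = next((i for i, t in enumerate(tokens) if KEY_TYPE.match(t)), None)
        if idx is None or idx + 1 >= len(tokens):
            continue  # not a recognisable key line
        yield (" ".join(tokens[:idx]), tokens[idx], tokens[idx + 1],
               " ".join(tokens[idx + 2:]))

def audit(passwd_text, keys_by_account):
    """Return one finding per key association, system accounts first."""
    findings = []
    for entry in passwd_text.strip().splitlines():
        name, _pw, uid, *_rest = entry.split(":")
        keys_text = keys_by_account.get(name, "")
        for options, ktype, _blob, comment in parse_authorized_keys(keys_text):
            findings.append({"account": name, "system": int(uid) <= SYSTEM_UID_MAX,
                             "key_type": ktype, "comment": comment,
                             "has_options": bool(options)})
    return sorted(findings, key=lambda f: (not f["system"], f["account"]))

# Constructed sample data (not from any real host).
PASSWD = """
root:x:0:0:root:/root:/bin/bash
postgres:x:113:120:PostgreSQL:/var/lib/postgresql:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
"""
KEYS = {
    "postgres": "ssh-ed25519 AAAAC3ExampleBlob1 dba-laptop\n",
    "alice": '# work key\ncommand="/usr/local/bin/backup --all",no-pty '
             "ssh-rsa AAAAB3ExampleBlob2 backup job\n",
}

if __name__ == "__main__":
    for finding in audit(PASSWD, KEYS):
        print(finding)
```

On a real host the key text would come from each account's authorized_keys file; every finding is a login path that has to be removed separately when the user is disabled in the directory.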

For information on how to configure all your major remote access services, including VPNs and SSH, please download our eGuide on adding two-factor authentication to your network.
