I'm transitioning from a Windows-only environment to managing several Linux servers and need some advice on SSH key management. In the past, we relied solely on usernames and passwords for access. Now, I want to enhance our security by implementing a policy that requires SSH keys for authentication. I see a few possible approaches: 1) Using a single SSH key for each admin across all servers, even if they have multiple devices. 2) Assigning separate SSH keys for each device, trusted on all servers. 3) Generating unique keys for every server for each admin. While unique keys per server seem more secure, I worry about the management overhead and the tendency for users to create weak passphrases. How do others manage SSH keys in their environments?
5 Answers
Consider using ECDSA or ED25519 SSH keys if your systems support them. They're more secure and can integrate with hardware tokens like YubiKeys for added protection. This way, even if someone leaves their token at their desk, it’s less of a risk compared to just passwords. It might take some effort to set up, but it vastly improves security.
I suggest keeping it simple: each admin has their SSH key pair, which they generate on their personal machines or a secure USB. The public keys are added to the servers they need access to. This way, everyone manages their own keys, and you can enforce security policies like passphrases. If you prefer automation, deploying keys through Ansible is effective and scalable as your user base grows.
Have you looked into using HashiCorp Vault? It’s excellent for managing SSH keys at scale. Vault can issue short-lived certificates that grant access dynamically, reducing management complexity and improving security. You can manage user access through policies, which makes revoking access really straightforward.
If your organization is already using Active Directory, you might want to extend that to your Linux servers. Using SSSD to integrate with AD allows you to store public keys as attributes on user accounts. This way, when someone’s access needs to be revoked, you can just disable their account in AD without worrying about managing keys across different servers.
FreeIPA is a great solution for key management! You can completely do away with passwords if needed. It centralizes SSH keys efficiently and allows you to manage user access, plus two-factor authentication is built-in, making it a robust choice.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures