Security of Interactive and Automated Access Management Using Secure Shell (SSH)

Published

Author(s)

Tatu Ylonen, Paul Turner, Karen Scarfone, Murugiah Souppaya

Abstract

Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges, for a variety of reasons, including file transfers, disaster recovery, privileged access management, software and patch management, and dynamic cloud provisioning. This is often accomplished using the Secure Shell (SSH) protocol. The SSH protocol supports several mechanisms for interactive and automated authentication. Management of this access requires proper provisioning, termination, and monitoring processes. However, the security of SSH key-based access has been largely ignored to date. This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys.

Citation

NIST Interagency/Internal Report (NISTIR) - 7966

Report Number

7966

Keywords

access control, authentication, automated access management, device authentication, interactive access management, Secure Shell (SSH), user authentication

Citation

Ylonen, T., Turner, P., Scarfone, K. and Souppaya, M. (2015), Security of Interactive and Automated Access Management Using Secure Shell (SSH), NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.7966 (Accessed August 10, 2022)
Created October 14, 2015, Updated October 12, 2021