Security of Interactive and Automated Access Management Using Secure Shell (SSH)
Tatu Ylonen, Paul Turner, Karen Scarfone, Murugiah Souppaya
Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges, for a variety of reasons, including file transfers, disaster recovery, privileged access management, software and patch management, and dynamic cloud provisioning. This is often accomplished using the Secure Shell (SSH) protocol. The SSH protocol supports several mechanisms for interactive and automated authentication. Management of this access requires proper provisioning, termination, and monitoring processes. However, the security of SSH key-based access has been largely ignored to date. This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys.
, Turner, P.
, Scarfone, K.
and Souppaya, M.
Security of Interactive and Automated Access Management Using Secure Shell (SSH), NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.7966
(Accessed September 30, 2023)