Multiple authentications from SSH keys

-

When you start to have a lot of servers to administer, SSH keys multiply. Indeed even if, as a general rule, the same key is used to authenticate on different machines, it is sometimes necessary to use other keys. Either connect with a different user account on the same device physically because we use several types of keys or because we want to avoid a single key allowing access to several machines.

You will tell me that you can choose which key to use using ssh -i option, that's true, but like any good developer I'm a bit lazy, and if the machine can do it at my place, why bother me?

It is, therefore possible, to use the file, ~/.ssh/config to indicate to the SSH Keys client which key it should use to connect and to which machine.


This way our SSH client will always use the key attached to a particular host. The directive allows you to specify

an alternative name, it also accepts an IP.


It is quite possible to specify multiple hostnames for the "Host" directive; these, in this case, must be separated

by spaces. Likewise, a wildcard can be entered in the event that several machines share the same domain.

Very practical when you have a complete fleet to manage. There are a number of pretty impressive directives

out there, so for more information, I recommend doing a little man ssh_config.



Example of a host configured with a wildcard:


1) Host *.domain.tld

2) HostName mon-alias

3) User guewen

4) IdentityFile ~/.ssh/ma-clé-ssh


First impressions


This operating mode also has advantages:


1) It does not require any exchange between our server and Vault, only between the bastion and Vault.

Which reduces the attack surface on the latter.


2) It allows controlling rather finely what the user can do or not do once connected thanks to the system of

critical options and extensions.


It uses the already existing OpenSSH functionalities on the client and on the server. On the other hand,

despite its elegance, this solution has some drawbacks, during the validity period of the certificate,

it can be used on an arbitrary number of servers that trust the Vault SSH CA as many times as the user does wish.

And these connections do not give rise to any log apart from the logs of the system itself, which therefore

becomes important to keep and centralize outside the servers.


To mitigate the very large number of machines that can be accessed with a certificate, it will be necessary

to put in place mitigations, we can mention two:


1) Set up different CAs for different sets of servers. This is done by activating the SSH keys Secret

Engine several times on different paths which will therefore have separate CA keys.


2) Set up separate user names for each machine or group of machines. So if a role only allows connection

with the “web.webserver” user who only exists on web servers, then he will only have access to web servers.

Comments

Post a Comment

Popular posts from this blog

Secure Your Data From Hacker With RBAC System

-
The role based access control system is a secure security approach that helps to protect your business sensitive data from cyber hackers. It is an authorized and restricted cyber security system that gives access data to users that is based on their roles within an organization. It is based on the concept of roles and privileges. The data using the access system is dependent upon authority, competency, and responsibilities.
Read more

Security of Zero Trust Model in Business Infrastructure

-
The Zero Trust Mode l is a cybersecurity approach that assumes no trust by default, both inside and outside a corporate network. This means that every user, device, and application trying to access resources on a private network must be verified and authenticated, regardless of their location or network environment. The model challenges the traditional notion of "trust but verify" by implementing strict access controls and continuous verification processes. 
Read more

Zero Trust vs. Traditional Security: The Power of Automation and AI in Modern Cybersecurity

-
Image
The Zero Trust Model has emerged as a powerful alternative to traditional security models in the ever-evolving cybersecurity landscape. It challenges the long-standing notion of Trust within a network and offers a more proactive, comprehensive approach to safeguarding sensitive data.  This article conducts a comparative analysis of Zero Trust and traditional security models, shedding light on what sets Zero Trust apart and why it is gaining momentum. Traditional Security: The Perimeter Defense Paradigm The idea of a network perimeter has long been a cornerstone of conventional security approaches. Trust is often assumed inside the network, while external entities are treated as potential threats. Critical characteristics of traditional security include: Firewalls and Intrusion Detection Systems (IDS) - They serve as a perimeter defense and stop unlawful entry. To identify insider risks, though, they might have trouble. VPN and Network Segmentation -   These technologies crea...
Read more