
IAM Capability SSH Key Management




IT admins are curious about the identity and access management (IAM) capability for SSH (secure shell) key management. SSH keys have become more popular as of late with the increase in cloud Linux® servers and the need for heightened security measures. The challenge with the use of SSH keys is how to easily and securely manage them across an enterprise. In an ideal scenario, an IAM solution would have the capability to manage SSH keys in coordination with an associated user identity.

What are SSH Keys?

SSH keys are a form of authentication, usually used instead of passwords to authenticate access to servers. They work over the Secure Shell (hence SSH) protocol, which forms an encrypted tunnel between the client and server. SSH keys come as a pair of credential tokens, one public and the other private. The public key is placed on the server, while the private key remains securely in the possession of the user who created it. When the user proves possession of the private key that matches the public key on the server, a cryptographic match is established and the communication is authenticated.

SSH Key Management

Because AWS® and other cloud infrastructure providers mandate the use of SSH keys for cloud server access, modern approaches to SSH key management are becoming a very hot topic. Historically, admins would be on the hook to manage the deployment, rotation, and expiration of SSH keys on servers. Sysadmins may end up manually handling the chore, scripting the process, using configuration management tools, or utilizing specialized IAM solutions to do so.

SSH Key Management in IAM

As the traditional identity management infrastructure within organizations is being upended with a significant shift to the cloud, a standalone system or process for SSH key management ends up being a burden for IT and system admins. Ideally, the process of managing SSH keys would be embedded into the core identity and access management platform with little to no overhead involved. Public keys could be uploaded to the identity management platform, using the system to automatically distribute keys to their requisite servers. Admins could automatically decommission keys centrally, reducing the risk of compromise due to outdated keys. The public SSH key management would be integrated with the end user’s identity as part of the overall identity and access management system.
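The central decommissioning described above depends on being able to tie every deployed key back to an identity. The following added example (not JumpCloud's code) reconciles an `authorized_keys` file against a central inventory and flags keys that are unknown, expired, or owned by a deprovisioned user. The inventory layout, function names, audit date, and sample keys are assumptions constructed for illustration.

```python
import base64, hashlib, re
from datetime import date

# Key line: optional options field, key type, base64 blob, optional comment.
KEY_RE = re.compile(r"(?:^|\s)((?:ssh-|ecdsa-sha2-|sk-)\S+)\s+([A-Za-z0-9+/]+=*)(?:\s+(.*))?$")

def fingerprint(blob_b64):
    """SHA256 fingerprint in the form printed by `ssh-keygen -lf`."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Yield (fingerprint, comment) for each key line, skipping blanks and # comments."""
    for line in text.splitlines():
        match = None if line.lstrip().startswith("#") else KEY_RE.search(line.strip())
        if match:
            yield fingerprint(match.group(2)), match.group(3) or ""

def audit(text, inventory, today):
    """Classify each deployed key as ok, expired, revoked or unknown."""
    findings = []
    for fp, comment in parse_authorized_keys(text):
        entry = inventory.get(fp)
        if entry is None:
            status = "unknown"   # not tied to any identity: candidate for removal
        elif not entry["active"]:
            status = "revoked"   # owner was deprovisioned centrally
        elif entry["expires"] < today:
            status = "expired"   # past its rotation deadline
        else:
            status = "ok"
        findings.append((status, entry["owner"] if entry else None, comment))
    return findings

def sample_blob(seed):
    """Constructed ssh-ed25519 public key blob (sample data, not a real user's key)."""
    raw = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + hashlib.sha256(seed).digest()
    return base64.b64encode(raw).decode()

KEYS = {n: sample_blob(n.encode()) for n in ("alice", "bob", "carol", "stray")}
SAMPLE_FILE = f"""# constructed authorized_keys content
ssh-ed25519 {KEYS['alice']} alice@laptop
no-pty,command="/usr/bin/backup" ssh-ed25519 {KEYS['bob']} bob@ci
ssh-ed25519 {KEYS['carol']} carol@old-laptop
ssh-ed25519 {KEYS['stray']}
"""
INVENTORY = {fingerprint(KEYS[o]): {"owner": o, "active": a, "expires": e} for o, a, e in [
    ("alice", True, date(2031, 1, 1)), ("bob", True, date(2020, 1, 1)), ("carol", False, date(2031, 1, 1))]}
print(audit(SAMPLE_FILE, INVENTORY, date(2025, 1, 1)))  # constructed audit date
```

Matching on the fingerprint rather than the comment field matters because the comment is free text that anyone editing the file can change.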


IAM Capability SSH Key Management from JumpCloud®

There is such a platform: JumpCloud® Directory-as-a-Service®. This cloud identity management solution not only manages SSH keys but also acts as the central identity store for user identities. Those identities are subsequently federated to a wide range of IT resources including systems, applications, files, and networks.

If an identity and access management solution with the capability of SSH key management sounds appealing to you, consider signing up for JumpCloud today. Signing up creates a free JumpCloud account for your organization with ten users included to get you started in the platform. If you would like to learn more about Directory-as-a-Service, contact us with questions or explore our YouTube channel.

