SSH key management is one area where IDaaS players have traditionally missed the mark. In general, IDaaS providers have focused on web application single sign-on with little focus on building authentication capabilities for servers and more technical solutions.
This approach made sense for the web app SSO providers when the directory service world was predominantly Microsoft Active Directory®. IDaaS, of course, was built on top of the directory service. This left out the integration of IDaaS and SSH key management.
Integrated Approach Centralizes Capabilities
Modern approaches to IDaaS – notably Directory-as-a-Service® – are creating an integrated cloud identity management platform. This virtual identity provider is centralizing various capabilities that traditionally have been scattered among different solutions from the identity and access management market.
Specifically, the cloud directory is connecting users to systems, applications, networks, and other IT resources. Those systems can be hosted on-prem or in the cloud and can be Windows, macOS, or Linux based. Applications can be connected via LDAP or SAML, and those software applications can be hosted on-prem or in the cloud. A user’s network access can be more tightly controlled via RADIUS, thereby creating more network security.
The AWS, SSH Key, and Linux Server Connection
One key part of the cloud directory service is the method of authentication, which includes username / password, SSH keys, and multi-factor authentication. For most situations, username and password authentication are standard. Now, more than ever, though, IT organizations are pushing for SSH key authentication. That process is particularly important with Linux servers, and has become more prevalent since AWS has increased in popularity. AWS has required SSH key access to their Linux servers. The approach has been important in enforcing greater security.
The increased use of SSH keys has, however, led to an unfortunate consequence: how to manage them. Each user owns their own SSH key pair, but the IT admins are often responsible for distributing them to the IT resources that need them. Generally, that means that users and IT admins are sending public keys over email to make sure that they are properly placed on all of the right machines. This quickly becomes a huge hassle for IT admins and the end users alike.
Next-Gen IDaaS and SSH Key Management from JumpCloud®
Directory-as-a-Service provides an SSH key management platform to off-load the task from the IT admins and increase the security of SSH key management. End users can have multiple keys uploaded and leverage those for whatever IT resources are applicable. SSH key management can become painful for IT as an organization grows, but next-generation IDaaS makes quick work of that problem.
If you would like to learn more about IDaaS and SSH key management, drop us a note. Also, please try our Directory-as-a-Service platform’s SSH key management yourself. If you have AWS, it seamlessly connects to their cloud servers. Your first 10 users on our platform are free forever.