By Ryan Squires Posted January 23, 2019
Managing access to servers has been changing, hand in hand with the shift of IT infrastructure itself to the cloud. As a result, the benefits of SSH key management highlight a core reason to shift to modern server infrastructure. It all revolves around security.
Active Directory®, IAM, and SSH Keys
Traditionally, server environments were hosted in on-prem data centers or collocated environments. User access to these data centers and/or collocated environments was managed by Microsoft® Active Directory®. For users, it was easier to connect to Windows servers because their username and password for their Windows laptops did double duty. Their one set of credentials enabled access to their systems as well as the servers they needed. It was a relatively painless process.
The challenge with this approach lies in secure identity and access management (IAM) practices. While it was easier for end users to access servers with standard passwords, it was also riskier, because passwords are much easier to hack than cryptographic keys. In fact, a popular encryption method is RSA 2048-bit encryption, which is essentially equal to a 617-digit password. Clearly, that’s much more secure than most users’ passwords, which can sometimes be as complex as “1234567” and “qwerty.”
While SSH keys were much more secure than simple username and password combinations, their usage was far more prevalent on Unix/Linux®-based systems than their Windows®-based counterparts. SSH key management frankly didn’t reside at the top of mind for most Windows-focused IT admins. That is, until shifting infrastructure usage models began to impact most everybody in the IT world.
AWS® Drives SSH Key Usage
When the shift to Linux and cloud server infrastructure began, the need for SSH key management really picked up. Amazon Web Services® (AWS®) helped to drive the adoption of SSH keys and the subsequent need to manage them. AWS required (and still does) that users leverage SSH keys to gain access to their hosted Linux server infrastructure. Now, since AWS is the biggest cloud infrastructure service by a pretty large margin, it is pretty much a requirement to have proper SSH key management practices in place.
SSH Key Benefits, Pain Points, and a New Way Forward
Of course, the benefit of SSH key management is greater security for organizations and their individual users. Unfortunately, the challenge can equate to an ongoing administrative headache. DevOps engineers and sysadmins have traditionally needed to handle SSH key management manually or with configuration automation solutions that required them to code. Both of these approaches detracted greatly from the benefits gleaned from SSH key usage.
The good news is that there is a next-generation cloud identity management platform that enables IT organizations to leverage the benefits of SSH key management without the drawbacks and overhead of manually managing SSH keys. That platform is called JumpCloud® Directory-as-a-Service®. With JumpCloud, IT admins grant access to hosted devices, and users generate their own SSH keys. The user stores the private key on their system and uploads the public key to the JumpCloud user portal. When that public key is uploaded successfully to the user portal, it is automatically distributed to the cloud infrastructure that the individual user has been granted access to. True Single Sign-On™ then enables users to access all of their IT resources with a single set of credentials, like the old days, but this time from the cloud.
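To make the manual reconciliation work described above concrete, here is an added example (not from the original post and not JumpCloud's implementation) that compares one server's authorized_keys entries with the keys of users granted access and reads the RSA modulus size out of each OpenSSH public key. The function names, the grant mapping and the sample keys are assumptions; the keys are constructed with dummy moduli, and entries are assumed to carry no options prefix.

```python
import base64
import struct

def _fields(blob):
    """Split an OpenSSH key blob into its length-prefixed fields."""
    out, i = [], 0
    while i < len(blob):
        (n,) = struct.unpack(">I", blob[i:i + 4])
        out.append(blob[i + 4:i + 4 + n])
        i += 4 + n
    return out

def rsa_bits(line):
    """Modulus size in bits of an 'ssh-rsa <base64> [comment]' line; None if not RSA."""
    parts = line.split()
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        return None
    _ktype, _e, n = _fields(base64.b64decode(parts[1]))
    return int.from_bytes(n, "big").bit_length()

def key_id(line):
    """Key type plus blob, ignoring the trailing comment (assumes no options prefix)."""
    return " ".join(line.split()[:2])

def audit(installed, granted, min_bits=2048):
    """installed: authorized_keys lines on one server.
    granted: {user: public key line} for users who should have access.
    Returns (missing users, unmanaged keys, users with weak RSA keys)."""
    want = {key_id(k): user for user, k in granted.items()}
    have = {key_id(l) for l in installed
            if l.strip() and not l.lstrip().startswith("#")}
    missing = sorted(u for k, u in want.items() if k not in have)
    unmanaged = sorted(k for k in have if k not in want)
    weak = sorted(u for k, u in want.items() if (rsa_bits(k) or min_bits) < min_bits)
    return missing, unmanaged, weak

def sample_key(bits, comment, tweak):
    """Constructed ssh-rsa line with a dummy modulus (parses, but is not a usable key)."""
    def mpint(x):
        raw = x.to_bytes(x.bit_length() // 8 + 1, "big")
        return struct.pack(">I", len(raw)) + raw
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(65537) + mpint((1 << (bits - 1)) | tweak)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

if __name__ == "__main__":
    alice, bob = sample_key(2048, "alice@laptop", 1), sample_key(1024, "bob@laptop", 3)
    carol, stale = sample_key(2048, "carol@laptop", 5), sample_key(2048, "former@contractor", 7)
    print(audit([alice, bob, stale], {"alice": alice, "bob": bob, "carol": carol}))
```

The "unmanaged" list is the one to watch in practice: a key that is still installed on a server after its owner's access grant was removed.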
Learn More About JumpCloud
If you’re ready to provide ease of access to remote servers for your users, while maintaining the high security standards inherent to SSH keys, sign up for a free JumpCloud Directory-as-a-Service account, and reap the benefits of SSH key management today. When you sign up you can manage up to 10 users for free using the full-featured version of JumpCloud. If you want to see the product in action, schedule a demo or visit our YouTube channel. Stuck? Check out the Knowledge Base or drop us a line to get you moving in the right direction.