Profile Applicability:
Level 1
Description:
The organization must provide and manage SSH certificates as a method of authenticating users accessing servers and infrastructure. SSH certificates offer a scalable and secure alternative to static SSH keys by enabling centralized issuance, expiration, and revocation of user credentials.
Rationale:
Using SSH certificates enhances security by reducing the risks associated with unmanaged SSH keys, such as key sprawl, lost keys, or unauthorized access. Centralized certificate management simplifies access control, supports auditing, and aligns with security best practices.
Impact:
Pros:
Improves access control through centralized issuance and revocation.
Reduces risk of unauthorized server access.
Simplifies SSH key lifecycle management.
Enhances auditability of access events.
Cons:
Requires initial setup and operational overhead.
Needs training for administrators and users on certificate usage.
Default value:
Many organizations rely on static SSH keys without certificate management, increasing security risks.
Audit:
Verify deployment and use of SSH certificates across servers. Review issuance, expiration, and revocation logs. Check for legacy unmanaged SSH keys.
Remediation:
Implement an SSH certificate authority (CA) and establish policies for certificate issuance and management. Train users on certificate usage and integrate certificate validation in SSH servers.
References:
https://developers.cloudflare.com/ssh-tunnel/ssh-certificates/
https://www.cisecurity.org/controls/application-software-security/