Security of Interactive and Automated Access Management Using Secure Shell (SSH)

Tatu Ylonen, Paul Turner, Karen Scarfone, Murugiah Souppaya

Tutkimustuotos: Kirja/raporttiTutkimusraportti

Kuvaus

Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges. This is necessary for a variety of reasons, including file transfers, disaster recovery,privileged access management, software and patch management, and dynamic cloud provisioning. Accessing other hosts is often accomplished using the Secure Shell (SSH) protocol. The SSH protocol supports several mechanisms for interactive and automated authentication. Management of this accessrequires proper provisioning, termination, and monitoring processes. However, the security of SSH key-based access has been largely ignored to date. This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys.
Alkuperäiskielienglanti
KustantajaNational Institute of Standards and Technology (NIST)
VuosikertaNISTIR 7966
Sivumäärä50
TilaJulkaistu - 31 lokakuuta 2015
OKM-julkaisutyyppiD4 Julkaistu kehittämis- tai tutkimusraportti taikka -selvitys

Tieteenalat

  • 113 Tietojenkäsittely- ja informaatiotieteet

Lainaa tätä

Ylonen, T., Turner, P., Scarfone, K., & Souppaya, M. (2015). Security of Interactive and Automated Access Management Using Secure Shell (SSH). National Institute of Standards and Technology (NIST).
Ylonen, Tatu ; Turner, Paul ; Scarfone, Karen ; Souppaya, Murugiah. / Security of Interactive and Automated Access Management Using Secure Shell (SSH). National Institute of Standards and Technology (NIST), 2015. 50 Sivumäärä
@book{c0d259a7e88d4e049bec8cca256850fc,
title = "Security of Interactive and Automated Access Management Using Secure Shell (SSH)",
abstract = "Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges. This is necessary for a variety of reasons, including file transfers, disaster recovery,privileged access management, software and patch management, and dynamic cloud provisioning. Accessing other hosts is often accomplished using the Secure Shell (SSH) protocol. The SSH protocol supports several mechanisms for interactive and automated authentication. Management of this accessrequires proper provisioning, termination, and monitoring processes. However, the security of SSH key-based access has been largely ignored to date. This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys.",
keywords = "113 Computer and information sciences",
author = "Tatu Ylonen and Paul Turner and Karen Scarfone and Murugiah Souppaya",
year = "2015",
month = "10",
day = "31",
language = "English",
volume = "NISTIR 7966",
publisher = "National Institute of Standards and Technology (NIST)",
address = "United States",

}

Ylonen, T, Turner, P, Scarfone, K & Souppaya, M 2015, Security of Interactive and Automated Access Management Using Secure Shell (SSH). Vuosikerta NISTIR 7966, National Institute of Standards and Technology (NIST).

Security of Interactive and Automated Access Management Using Secure Shell (SSH). / Ylonen, Tatu; Turner, Paul; Scarfone, Karen; Souppaya, Murugiah.

National Institute of Standards and Technology (NIST), 2015. 50 s.

Tutkimustuotos: Kirja/raporttiTutkimusraportti

TY - BOOK

T1 - Security of Interactive and Automated Access Management Using Secure Shell (SSH)

AU - Ylonen, Tatu

AU - Turner, Paul

AU - Scarfone, Karen

AU - Souppaya, Murugiah

PY - 2015/10/31

Y1 - 2015/10/31

N2 - Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges. This is necessary for a variety of reasons, including file transfers, disaster recovery,privileged access management, software and patch management, and dynamic cloud provisioning. Accessing other hosts is often accomplished using the Secure Shell (SSH) protocol. The SSH protocol supports several mechanisms for interactive and automated authentication. Management of this accessrequires proper provisioning, termination, and monitoring processes. However, the security of SSH key-based access has been largely ignored to date. This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys.

AB - Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges. This is necessary for a variety of reasons, including file transfers, disaster recovery,privileged access management, software and patch management, and dynamic cloud provisioning. Accessing other hosts is often accomplished using the Secure Shell (SSH) protocol. The SSH protocol supports several mechanisms for interactive and automated authentication. Management of this accessrequires proper provisioning, termination, and monitoring processes. However, the security of SSH key-based access has been largely ignored to date. This publication assists organizations in understanding the basics of SSH interactive and automated access management in an enterprise, focusing on the management of SSH user keys.

KW - 113 Computer and information sciences

UR - https://nvlpubs.nist.gov/nistpubs/ir/2015/nist.ir.7966.pdf

M3 - Commissioned report

VL - NISTIR 7966

BT - Security of Interactive and Automated Access Management Using Secure Shell (SSH)

PB - National Institute of Standards and Technology (NIST)

ER -

Ylonen T, Turner P, Scarfone K, Souppaya M. Security of Interactive and Automated Access Management Using Secure Shell (SSH). National Institute of Standards and Technology (NIST), 2015. 50 s.