Quality Assurance and Project Management

Apr 29 2018   11:26AM GMT

How To Handle Secure Shell (SSH) Vulnerabilities?

Jaideep Khanduja Jaideep Khanduja Profile: Jaideep Khanduja

Tags:
Data Encryption
IT security
Secure Shell
SSH

Is Secure Shell or what we call it as SSH completely secure? It is almost more than two decades when Tatu Ylonen from Finland realized a strong need for security components in the online transactions. Realizing that, he created SSH, a powerful protocol to access anything on the internet. What it does is, it creates a trusted access by means of encrypting all kind of communication that takes place. In turn, that secures it from any attack in transit. So basically, SSH builds a tunnel where every communication gets encrypted. So that, there is a secure communication between any two points. It was simple yet powerful. In fact, it was an immediate need of the online world. Hence, it was popular in no time. As a result, every OS and device vendor ensured to pre-install it in their software/device. Like, all Unix, Mainframe, Mac, or Linux devices had it.

Secure Shell

Photo credit: xmodulo on Visualhunt / CC BY

Not only that, most of the network devices also had the SSH or Secure Shell in-built. The whole story is all about access. If it is so strong, then why there are so many cases of cybersecurity? It is because of various reasons. The first and foremost is that it is taken for granted as it comes pre-installed. I don’t think there is a technical attention in any organization to monitor SSH transactions within the organization and with the outside world. Rather, everybody thinks if SSH is there, it means complete encryption and hence complete security. But who will check for flaws in the system? and what about any customization need of the organization in this regard? Who will manage it? In fact, before you think of managing it, there has to be someone who understands it. As a matter of fact, encryption alone doesn’t ensure 100% protection.

Secure Shell Needs An Enterprise Wide Technical Attention

When we talk about SSH or Secure Shell, it is basically all about authorized access. The challenge for any organization is to protect its data from illegal entities. Let us see what are the main risks of SSH. As we know, there is a private key and a public key to access any data. A public key, in fact, relates to a lock and the private key is its key. The lock remains on a door and the key is in the safe hands of a person. The main risk is of granting access to critical applications in an organization. If keys are self-provisioned, anybody can grant access having rights to do so. As a matter of fact, all security tools fail if this happens. The risk increases when people start sharing keys. In those cases, it becomes difficult to catch the culprit after a blunder.

Another high-risk factor in case of Secure Shell is no expiry date of its keys. to avoid all these blunders, it is important to have an effective SSH key management mechanism in place. this should include periodic reviews, proper documentation, and appropriate IT controls.

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • Kevin Beaver
    Good piece...I see a lot of people ignoring this vulnerability as well. All it takes is an outdated version, i.e. SSH v1, to create vulnerabilities on the network. Key management is an entirely different issue. You definitely can't address the security flaws that you don't acknowledge. Certain caveats aside, this is not typically something I would consider to be critical or high priority but it is something that needs to be addressed.
    27,515 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: