In any large organisation, managing access to servers and cloud resources is difficult.
There is often a tradeoff between convenience and security.
Changing these settings in production is also a bit scary, as you can be locked out of your servers...
In this post we will look at what we need to achieve better SSH security and how to implement it...
What we need to know
The topics we should read up on are:
- TLS certificates and public key cryptography
- Public Key Infrastructure (PKI)
- HashiCorp Vault
Some books might be:
- Network Security with OpenSSL 2009
- Implementing SSL/TLS Using Cryptography and PKI - Joshua Davies 2011
- SSL and TLS: Theory and Practice, Second Edition - Oppliger Rolf 2016
- Certificate Management with HashiCorp Vault - blog post
- SSH, the Secure Shell - Barrett Daniel 2009
That is a lot of reading.