SSH Key Management Guidelines

Aug 26, 2014

The US government rolls new best-practice rules for protecting SSH.

The US National Institute of Standards and Technologies (NIST) has published a draft of new Guidelines for SSH Key Management. The new guidelines are aimed at government system admins and CIOs but are intended to serve as a general, best-practice standard for the IT industry. The draft version of NISTIR7966 “Security of Automated Access Management Using Secure Shell (SSH)” is available for download at the NIST website.
SSH co-creator Tatu Ylonen serves as lead author for the guidelines. Early chapters of the 43-page PDF document cover SSH basics and discuss the most common vulnerabilities associated with SSH keys. Later sections focus on recommended practices and procedures for planning and implementing a key management policy.
The guidelines highlight the need for continuous monitoring and auditing of key use, as well as proper configuration and procedures for terminating key access.

Related content

  • News

    Updates on Technologies, Trends, and Tools

  • ODF Alliance Reports Record Growth in Application Support for ODF

    The OpenDocument Format Alliance (ODF Alliance) today reported world wide growth in software applications implementing support for ODF in their products.

  • Welcome

    The big search engines have way too much power over the business world. It almost doesn't matter what your business is. Almost every industry has some kind of online presence – either to sell directly or to provide information to users in need of addresses and product details.

  • Guidelines for European Open Source Procurement Published

    The OSOR agency has published a study that should make it easier for public administrations in Europe to make decisions regarding open source software procurement.

  • NEWS

    Updates on technologies, trends, and tools

comments powered by Disqus

Issue 261/2022

Buy this issue as a PDF

Digital Issue: Price $12.99
(incl. VAT)