https://bugzilla.mindrot.org/show_bug.cgi?id=3790
Bug ID: 3790
Summary: RFE: Simplified SSH Key Management for Organizations
with Automatic Retrieval
Product: Portable OpenSSH
Version: 9.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: unassigned-b...@mindrot.org
Reporter: martin.de.te...@gmail.com
Managing SSH client keys in organizations remains a challenge,
especially when aiming for a seamless, user-friendly experience with
varying user skill levels.
Current solutions require either manual key distribution or complex
certificate-based authentication setups, both of which impose a
learning curve and administrative overhead.
To enhance SSH usability while maintaining security, I propose the
following streamlined approach:
- Introduce a "key server" concept, requiring minimal client-side
configuration. Users should not be able to connect to this server
manually to reduce phishing risks. This can be one of the main sshd
servers in the organization and it should not require other software
than what comes with ssh/sshd.
- When a user attempts to connect to a server X, the SSH client first
queries the key server(s) (if configured) for an available key. If a
key exists, it is retrieved and used for authentication. The user is
authenticated to the key server using standard SSH authentication
methods.
- If no key is found, the connection falls back to default SSH behavior
(e.g., password authentication, or manually managed keys). A warning
could be provided to inform users that no key was found on the key
server (when one was configured).
- The key server can control attributes such as key strength, validity
lifetime etc.
This model would simplify administration while maintaining flexibility.
The only administrative tasks required would be:
1. Configuring (or instructing the user to configure) the client to
recognize the key server (a one-time setup).
2. Configuring and maintaining the key server wich whould not require
other separately installed software than a standard sshd setup.
All other functionality would emerge naturally with minimal
maintenance, improving usability while preserving security.
Would it be feasible to introduce such a mechanism in OpenSSH to
facilitate centralized yet user-transparent SSH key management?
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
