Authenticate Machines not Users

I have been dealing with servers, deployments and system security for a long time. One practice that I keep seeing, and that looks plain evil to me, is using password authentication while deploying to a server and/or putting the password directly into deployment scripts.

Firstly, putting a password into a deployment script is a strict NO-NO, since it compromises server security. So one should always avoid giving server access to the deployment script.

Risks that this approach poses:

1.) Compromise of system/server security. Whoever has access to the deployment script has access to the system/server.

2.) The password needs to be changed every time there is a need to revoke the rights of any user. Since a system/server password should be complicated enough to give brute force a hard time, it is very difficult to memorize.

3.) The server can be accessed from any system around the world that has internet connectivity.

Secondly, even when the password is not put into the deployment script, it is distributed among the developers/administrators who handle deployment.

Risks that this approach poses:

1.) The password needs to be changed every time there is a need to revoke the rights of any user. Since a system/server password should be complicated enough to give brute force a hard time, it is very difficult to memorize.

2.) The server can be accessed from any system around the world that has internet connectivity.

Solution

To solve these possible security compromises, there are multiple easy mechanisms already in place. One of them is authenticating the developer's machine instead of the user. Unix systems provide a very nice solution for this, known as ssh keys.

How this works:

1.) Ask each developer/administrator to generate an ssh keypair and provide the public key, stamped with their email or system name (the default).

SSH keypairs can be generated by issuing the following command on a unix system:

ssh-keygen -t <key-type-default-is-rsa> -C <email-or-system-name>

The developer/admin can add more security by protecting the ssh keypair with a passphrase. The public key can be found under the ~/.ssh folder, named after the key type given to the generator. If the type was rsa, the public key would be

~/.ssh/id_rsa.pub

2.) Add their public key to the file named authorized_keys on the server. It can be found under the ssh folder in the home directory:

~/.ssh/

3.) Now every ssh connection from that particular machine will be authenticated automatically, without providing a password. It can be made highly secure by using a password of the machine user's choice.
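Step 2 and the revocation problem from the risk lists, as an added example that is not part of the original post: because each key is stamped with an email or system name, one developer's access can be removed without touching anyone else's. The names AUTH_FILE, grant_key, revoke_key and count_keys are chosen for this example, and it assumes the stamp contains no spaces.

```sh
#!/bin/sh
# Added example: per-developer entries in authorized_keys (names are this example's own).
# AUTH_FILE can be overridden so the functions can be tried on a scratch file first.
AUTH_FILE="${AUTH_FILE:-$HOME/.ssh/authorized_keys}"
nl='
'

# grant_key "<type> <base64-key> <comment>", e.g. grant_key "$(cat alice_id_rsa.pub)"
grant_key() {
    key_line=$1
    case "$key_line" in
        # An embedded newline would smuggle in a second, unreviewed key.
        *"$nl"*) echo "refusing: multi-line input" >&2; return 1 ;;
        ssh-rsa\ *\ ?* | ssh-ed25519\ *\ ?* | ecdsa-sha2-*\ *\ ?*) ;;
        # Without the comment stamp the key could not be revoked by owner later.
        *) echo "refusing: need '<type> <key> <comment>'" >&2; return 1 ;;
    esac
    dir=$(dirname "$AUTH_FILE")
    # sshd (StrictModes) ignores key files that other users could write to.
    mkdir -p "$dir" && chmod 700 "$dir"
    touch "$AUTH_FILE" && chmod 600 "$AUTH_FILE"
    # -x whole line, -F fixed string: adding the same key twice is a no-op.
    grep -qxF -- "$key_line" "$AUTH_FILE" || printf '%s\n' "$key_line" >> "$AUTH_FILE"
}

# revoke_key "<comment>": drop every key whose last field is that stamp.
revoke_key() {
    comment=$1
    tmp=$(mktemp "$AUTH_FILE.XXXXXX") || return 1
    # Write to a temp file and rename, so sshd never reads a half-written file.
    awk -v c="$comment" '$NF != c' "$AUTH_FILE" > "$tmp"
    chmod 600 "$tmp" && mv "$tmp" "$AUTH_FILE"
}

# count_keys: number of entries, ignoring blank and '#' lines.
count_keys() {
    awk '!/^[[:space:]]*(#|$)/ { n++ } END { print n + 0 }' "$AUTH_FILE"
}
```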

<3 <3 <3