/
Authentication to Linux Machines Should Require SSH Keys

Authentication to Linux Machines Should Require SSH Keys

Owned by Former user (Deleted)
Aug 11, 2021
1 min read

Description:

Although SSH itself provides an encrypted connection, using passwords with SSH still leaves the VM vulnerable to brute-force attacks. The most secure option for authenticating to an Azure Linux virtual machine over SSH is with a public-private key pair, also known as SSH keys.



Solution/Reference: 

To use SSH for authentication to your Linux virtual machine:
1. Create an SSH key pair for the Linux virtual machine.
2. Disable password authentication in the Linux virtual machine's configuration.
3. Update the SSH key in your Azure Resource Manager template (replace the admin password with the adminSSHKey parameter) or via the Azure CLI (with the --generate-ssh-keys command). Learn more in Create and use an SSH public-private key pair for Linux VMs in Azure.

Related content

Linux Virtual Machines Should Use Secure Boot
Linux Virtual Machines Should Use Secure Boot
CUIT CyberSecurity
More like this
Management Ports of Virtual Machines Should be Protected with Just-In-Time Network Access Control
Management Ports of Virtual Machines Should be Protected with Just-In-Time Network Access Control
CUIT CyberSecurity
More like this
Management Ports Should Be Closed on Your Virtual Machines
Management Ports Should Be Closed on Your Virtual Machines
CUIT CyberSecurity
More like this
SSH Access to the Internet should be blocked
SSH Access to the Internet should be blocked
CUIT CyberSecurity
More like this
Firewall Should be Enabled on Key Vault
Firewall Should be Enabled on Key Vault
CUIT CyberSecurity
More like this
All Network Ports Should Be Restricted on Network Security Groups Associated to Your Virtual Machine
All Network Ports Should Be Restricted on Network Security Groups Associated to Your Virtual Machine
CUIT CyberSecurity
More like this