How Uber, Facebook, and Netflix Do SSH
- A study shows there is a cybersecurity attack every 39 seconds.
- In a typical SSH protocol:
- the server trusts the client if the client’s public key is listed as authorized,
- and the client trusts the server’s public key on first use (TOFU).
- The trust on first use (TOFU) approach delegates the trust to the clients and leave them vulnerable to man-in-the-middle attacks.
- One solution to fix this is using SSH certificates and SSH certificate authorities (CA).
- Many companies take Zero-Trust approach.
- BeyondCorp is Google’s Zero-Trust model that does NOT use a VPN.
- Uber uses the Uber SSH Certificate Authority (USSHCA) along with a pam module for continued validity of a user.
- Facebook has implemented its own SSH servers to trust based on certificate authorities (CA).
- Certificates issued by CA includes all permissions and privileges for each user.
- Netflix uses Bastion’s Lambda Ephemeral SSH Service (BLESS) certificate authority.
- BLESS runs on AWS Lambda and uses AWS Key Management Service (KMS).
- Netflix’s SSH bastion uses SSO to authenticate users and issuing short-lived certificates.
- Teleport provides role-based access control using existing SSH protocol.