Authentication

Non Corporate Authentication Key

Risk Level

Hazardous (3)

Platform(s)
  • N/A

Description

The SSH authorized_keys file contains the following non-corporate account keys: 'xxx@gmail.com', 'xxx@yahoo.com'. Illegitimately added keys usually have non-corporate usernames and email addresses. This is why itÕs important to periodically scan the authorized_keys file for non-corporate entries.