VM instance with 'Block Project-wide SSH keys' disabled

Authentication

VM instance with ‘Block Project-wide SSH keys’ disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
CPRA
GCP CIS
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-190
NIST 800-53
PDPA
UK Cyber Essentials

Description

Project-wide SSH keys are stored in Compute/Project-meta-data. Project wide SSH keys can be used to login into all the instances within project. Using project-wide SSH keys eases the SSH key management but if compromised, poses the security risk which can impact all the instances within project. It is recommended to use Instance specific SSH keys which can limit the attack surface if the SSH keys are compromised.

Recommended Mitigation

Enable Block project-wide SSH keys for each Vm instance.

VM instance with ‘Block Project-wide SSH keys’ disabled

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS