
SSH keys, lifecycle control, and the governance gap teams miss


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 8688
Topic starter  

TL;DR: SSH keys still secure remote access and automation, but manual management leaves organisations exposed to key sprawl, weak revocation, and hidden privileged access, according to Keyfactor. The real issue is governance, because keys without lifecycle control become persistent machine identities that outlive the trust decisions behind them.

NHIMG editorial — based on content published by Keyfactor: Why SSH Key Management Matters in Modern Security

By the numbers:

Questions worth separating out

Q: How should security teams govern SSH keys in cloud and hybrid environments?

A: Treat SSH keys as managed machine identities, not static admin shortcuts.

Q: Why do unmanaged SSH keys create so much access risk?

A: Unmanaged SSH keys create risk because they do not expire on their own and can be copied silently across devices, scripts, and automation jobs.

Q: What is the difference between SSH keys and SSH certificates for governance?

A: SSH keys are reusable credentials that can persist indefinitely unless administrators remove them, while SSH certificates are time-bounded identities signed by a central authority.

Practitioner guidance

  • Inventory all SSH identities and assign owners: Build a complete list of keys, certificates, and authorized key files across servers, admin endpoints, automation systems, and vendor-managed access paths.
  • Replace standing SSH keys with expiring certificates: Move privileged and automated SSH access to certificate-based authentication where possible, with short validity periods and central signing authority.
  • Automate discovery, rotation, and revocation: Use centralized tooling to find orphaned keys, rotate active identities, and revoke anything that no longer has a valid business purpose.

What's in the full article

Keyfactor's full blog post covers the operational detail this post intentionally leaves for the source:

  • Practical SSH Key Manager workflows for discovery, monitoring, and rotation across live environments
  • Platform-specific certificate automation details in EJBCA for teams ready to replace manual SSH handling
  • Step-by-step policy guidance for enforcing least privilege, RBAC, and IP-based restrictions on SSH access
  • Examples of logging, alerting, and audit collection patterns for suspicious SSH activity

👉 Read Keyfactor's analysis of SSH key management and machine identity control →

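As an added example (not code from the Keyfactor article or from this post), a small Python inventory over authorized_keys text that applies the guidance above: it records the owner comment, reads sshd's expiry-time option to separate standing keys from time-bounded ones, and reports when the same key fingerprint turns up in more than one file, which is how silently copied keys surface. The hostnames, paths and key blobs in the sample are constructed placeholders.

```python
import base64, hashlib
from datetime import datetime

KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384")

def parse_entry(line):                     # one authorized_keys line -> (options, type, blob, comment)
    line = line.strip()
    if not line or line.startswith("#"):   # blank and comment lines carry no key
        return None
    opts, buf, quoted, i = {}, "", False, 0
    if line.split()[0] not in KEY_TYPES:   # options field present: scan up to the first unquoted space
        while i < len(line) and (quoted or not line[i].isspace()):
            quoted ^= line[i] == '"'
            buf += "\n" if line[i] == "," and not quoted else line[i]   # unquoted comma separates options
            i += 1
        for name, _, value in (tok.partition("=") for tok in buf.split("\n") if tok):
            opts[name] = value.strip('"') or True   # flag options such as `restrict` map to True
    parts = line[i:].split(None, 2) + [""]
    return (opts, parts[0], parts[1], parts[2]) if len(parts) > 2 and parts[0] in KEY_TYPES else None

def fingerprint(blob):                     # OpenSSH-style SHA256 fingerprint of the key blob
    digest = hashlib.sha256(base64.b64decode(blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def assess(opts, comment, now):            # findings: no owner, no expiry (standing key), or expired
    findings = [] if comment else ["no owner recorded"]
    exp = opts.get("expiry-time")          # sshd option, YYYYMMDD or YYYYMMDDHHMM[SS]
    if not exp:
        findings.append("standing key, no expiry-time")
    elif datetime.strptime(exp[:12].ljust(12, "0"), "%Y%m%d%H%M") < now:
        findings.append("expired on " + exp)
    return findings

def inventory(files, now):                 # files: {location: authorized_keys text} -> one row per key
    seen, rows = {}, []
    for location, text in files.items():
        for opts, _, blob, comment in filter(None, map(parse_entry, text.splitlines())):
            fp, findings = fingerprint(blob), assess(opts, comment, now)
            if fp in seen:                 # same key material copied to another host or account
                findings.append("same key also present at " + seen[fp])
            seen.setdefault(fp, location)
            rows.append({"location": location, "fingerprint": fp, "owner": comment, "findings": findings})
    return rows

# Constructed sample (placeholder blobs, not real keys): authorized_keys text collected from two hosts.
K1 = "AAAAC3NzaC1lZDI1NTE5AAAAIDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEA"
K2 = "AAAAC3NzaC1lZDI1NTE5AAAAICAFEBABECAFEBABECAFEBABECAFEBABECAFEBABECAF"
SAMPLE = {"db01:/root/.ssh/authorized_keys": f"ssh-ed25519 {K1}\n# legacy\nssh-ed25519 {K2} ops-team@example\n",
          "ci01:/home/deploy/.ssh/authorized_keys": f'restrict,command="/opt/deploy.sh --env prod",expiry-time="20240630" ssh-ed25519 {K1} deploy-bot\n'}
REPORT = inventory(SAMPLE, datetime(2025, 1, 15))   # fixed clock so the sample report is reproducible
```

Each row of REPORT names the file, the key fingerprint, the recorded owner and the findings, so the expired deploy key and its unowned copy on db01 are both flagged from one pass.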
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8144
 

SSH key management is a lifecycle governance problem disguised as a cryptography topic. The article is right to frame manual key handling as the real weakness, because keys without expiry, ownership, and revocation become persistent identities rather than controlled access artefacts. That is an NHI governance failure, not a cipher failure. Practitioners should treat SSH access as part of the machine identity estate, not as an isolated admin convenience.

A few things that frame the scale:

  • 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
  • Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.

A question worth separating out:

Q: What should teams do when they find stale SSH access?

A: Revoke the identity immediately, confirm whether it was copied into scripts or automation, and verify that no dependent workload still requires it. Then update the inventory and ownership record so the same access path cannot reappear unnoticed. The goal is to close the trust path, not just delete a file.

👉 Read our full editorial: SSH key management is now a lifecycle governance problem
