SSH Keys: Difference between revisions

Jump to navigation Jump to search

SSH Keys (view source)

Revision as of 21:23, 23 October 2023

2,023 bytes added ,  1 year ago
Added blurb about compromised keys and the key revocation list
No edit summary
(Added blurb about compromised keys and the key revocation list)
Line 209: Line 209:
<!--T:7-->
<!--T:7-->
[[Category:Connecting]]
[[Category:Connecting]]
== Compromised SSH Keys ==<!--T:8-->
A compromised SSH key refers to a situation where unauthorized individuals gain access to the private key component, or a key has been (or may have been) accessed by an unauthorized third-party.
This compromise can occur through various means, such as ''improper key management, theft'', or a ''security breach''.
When an SSH key is compromised, it poses a significant security risk, as malicious actors can use it to gain unauthorized access to systems and sensitive data.
To mitigate the risks associated with compromised SSH keys, the Digital Research Alliance of Canada maintains a '''Key Revocation List (KRL)'''.
The '''Key Revocation List (KRL)''' is a registry of SSH keys that are no longer trusted or valid for any reason. due to compromise, security concerns, or other reasons.
Any SSH key that is listed on this revocation list is effectively barred from accessing Alliance services.
If you discover that your SSH key has been compromised, it is ''imperative'' that you take immediate action.
First, you should replace the compromised key with a new one to ensure the security of your connections to Alliance services. Simultaneously, you should cease using the compromised key to access any other services to prevent potential unauthorized access or data breaches.
However, if you believe that your SSH key has been listed on the Key Revocation List in error, or if you have concerns or questions related to key revocation and access to Alliance Can services, we strongly recommend that you contact the support team at '''support@tech.alliancecan.ca'''''Italic text'' for assistance and clarification regarding your SSH key status. They will be able to guide you through the resolution process and help ensure the continued security of your digital interactions with the Alliance Can services.
Security is of paramount importance, and swift action in response to a compromised SSH key is essential to maintain the integrity of digital research and collaboration.
</translate>
</translate>
Sbucholt
cc_staff
2

edits

Retrieved from "https://docs.alliancecan.ca/wiki/Special:MobileDiff/145813"

Navigation menu