SSH Keys with Root Logon Access

The SSH The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption. Keys with Root Logon Access report shows a list of SSH public keys found associated with root logon authorized_keys files on servers managed with the SSH orchestrator Keyfactor orchestrators perform a variety of functions, including managing certificate stores and SSH key stores.. Holders of the matching private keys for these public keys can gain root access without providing the root password.

The export options for the SSH Keys with Root Logon Access report are CSV and Excel.

The grid includes the fields:

• Account Name
  The Active Directory user account associated with the key found to have root access on the target machine, if any. This field will only be populated for keys created in Keyfactor Command.
• Fingerprint
  The fingerprint of the SSH public key In asymmetric cryptography, public keys are used together in a key pair with a private key. The private key is retained by the key's creator while the public key is widely distributed to any user or target needing to interact with the holder of the private key. found associated with the root logon on the target machine.
• Hostname The unique identifier that serves as name of a computer. It is sometimes presented as a fully qualified domain name (e.g. servername.keyexample.com) and sometimes just as a short name (e.g. servername).
  The host name The unique identifier that serves as name of a computer. It is sometimes presented as a fully qualified domain name (e.g. servername.keyexample.com) and sometimes just as a short name (e.g. servername). of the server on which the root logon was found to have an SSH public key providing logon access.
• Creation Date
  The date (in UTC time) on which the SSH key was created. This field will only be populated for keys created in Keyfactor Command.
• Date Found
  The date (in UTC time) on which Keyfactor Command found the root logon SSH public key on the target server. This field will only be populated for keys discovered outside of Keyfactor Command (as opposed to created in Keyfactor Command).
• Key Type The key type identifies the type of key to create when creating a symmetric or asymmetric key. It references the signing algorithm and often key size (e.g. AES-256, RSA-2048, Ed25519).
  The key type of the SSH public key found to have root access on the target machine.
• Key Length The key size or key length is the number of bits in a key used by a cryptographic algorithm.
  The key length of the SSH public key found to have root access on the target machine.

The input parameter A parameter or argument is a value that is passed into a function in an application. for this report is:

• The start date and end date range for the report. This is the date range during which SSH keys that allow root logon were created or discovered by Keyfactor Command. The default start date is one month prior to the current date. The default end date is the current date, meaning only SSH keys with root access discovered or created within the last month will be included in the report.
• The SSH Key Types to include in the report.
Note:  By default, this report is configured not to appear on the top menu under Reports and can be found only in Report Manager. You can change this by modifying the Show in Navigator setting (see Report Manager Operations).