The SSH
The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption. Trusted Public Keys with No Known Private Keys report shows a list of SSH public keys found in authorized_keys files on servers managed with the SSH orchestrator Keyfactor orchestrators perform a variety of functions, including managing certificate stores and SSH key stores. that do not have a matching private key Private keys are used in cryptography (symmetric and asymmetric) to encrypt or sign content. In asymmetric cryptography, they are used together in a key pair with a public key. The private or secret key is retained by the key's creator, making it highly secure. in Keyfactor Command.
The export options for the SSH Trusted Public Keys with No Known Private Keys report are CSV and Excel.
The grid includes:
- Logon Name
The Linux user account associated with the SSH public key In asymmetric cryptography, public keys are used together in a key pair with a private key. The private key is retained by the key's creator while the public key is widely distributed to any user or target needing to interact with the holder of the private key. found on the target machine. - Fingerprint
The fingerprint of the SSH public key found associated with the referenced logon on the target machine. - Date Found
The date (in UTC time) on which Keyfactor Command found the SSH public key on the target machine. - Key Type The key type identifies the type of key to create when creating a symmetric or asymmetric key. It references the signing algorithm and often key size (e.g. AES-256, RSA-2048, Ed25519).
The key type of the SSH public key found on the target machine. - Key Length The key size or key length is the number of bits in a key used by a cryptographic algorithm.
The key length of the SSH public key found on the target machine. - Hostname The unique identifier that serves as name of a computer. It is sometimes presented as a fully qualified domain name (e.g. servername.keyexample.com) and sometimes just as a short name (e.g. servername).
The host name The unique identifier that serves as name of a computer. It is sometimes presented as a fully qualified domain name (e.g. servername.keyexample.com) and sometimes just as a short name (e.g. servername). of the server on which the root logon was found to have an SSH public key providing logon access. - Server Group
The server group to which the server on which the root logon was found belongs.
The input parameters for this report are:
- The start date and end date range for the report. This is the date range during which SSH keys were discovered by Keyfactor Command. The default start date is one month prior to the current date. The default end date is the current date, meaning only SSH keys that have no matching private key discovered within the last month will be included in the report.
- The SSH Key Types to include in the report. You must select at least one key type using the Select SSH Key Types button.