Knowledge Base

An SSH key is shared by EC2 instances with different levels of access

Provider: AWS
Service: ec2
Severity: High

Description

An EC2 instance that is accessible from the public Internet shares an SSH key with an instance that has administrative privileges. You should create unique SSH keys for each system to ensure that an attacker cannot gain administrative access by compromising the publicly accessible instance.

Suggested Action

Change your instance configurations so that public instances use ssh keys which are different from those used by instances with administrative privileges.

Compliance:

Framework Name Control # Control Description
nist-csf 1.1 pr.ac.4 Manage permissions and authorizations
nist-sp800-171 Revision 1 3.1.6 Use non-privileged accounts or roles when accessing nonsecurity functions.

References:


  • You can read more about managing SSH keys on EC2 instances at this link