EC2 instance SSH key should not be shared between instances with different access permissions
You have one or more public EC2 instances that share an SSH key with another instance that has administrative privileges. Create unique SSH keys for each system to ensure that an attacker cannot gain administrative access by compromising the public instance.
Change your instance configurations so that public instances use ssh keys which are different from those used by instances with administrative privileges.
|Framework Name||Framework Version||Control Name||Control Description|
|NIST CSF||1.1||pr.ac.4||Manage permissions and authorizations|
|NIST SP 800-171||Revision 1||3.1.6||Use non-privileged accounts or roles when accessing nonsecurity functions.|
|NIST SP 800-53||Revision 5||IA-5(2)||Authenticator Management | Public Key-based Authentication|
|NIST SP 800-53||Revision 5||AC-2(7)||Account Management | Privileged User Accounts|
|ISO IEC 27001||2013||A.9.2.5||Access control | User access management | Review of user access rights|
|ISO IEC 27001||2013||A.9.2.6||Access control | User access management | Removal or adjustment of access rights|
|ISO IEC 27001||2013||A.10.1.2||Cryptography | Cryptographic controls | Key management|
|AICPA SOC 2||2017||cc6.1||Logical access controls|
|AICPA SOC 2||2017||cc6.2||User credential management|
- You can read more about managing SSH keys on EC2 instances at (AWS) Managing SSH Access
Review each link for further information on their respective topics.