turbot/azure_compliance

Control: Authentication to Linux machines should require SSH keys

Description

Although SSH itself provides an encrypted connection, using passwords with SSH still leaves the VM vulnerable to brute-force attacks. The most secure option for authenticating to an Azure Linux virtual machine over SSH is with a public-private key pair, also known as SSH keys.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.compute_vm_ssh_key_authentication_linux

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.compute_vm_ssh_key_authentication_linux --share

SQL

This control uses a named query:

compute_vm_ssh_key_authentication_linux

Tags