To address the cumbersome nature of setting up SSH keys in our system, we’ve built a new, dedicated SSH Key management interface to let you view, create, and revoke keys minus the searching and extra steps.
SSH Keys are a tool used in file transfer along with SFTP that allows for passwordless connections to your account. They come in pairs — a public key and a private key. Your private key gets stored on your local computer. The public portion of the key gets stored inside the file transfer account you’ll be connecting to.
ExaVault SSH Key Management
ExaVault has always supported SSH Keys, offering you advanced security above and beyond a username and password. However, our previous implementation was a little unconventional and difficult to use. Creating a new key didn’t happen in a clear location. The process created new folders and files in your account just to house your keys.
Initially, our Product Manager talked with several clients about how they used SSH Keys in ExaVault and what aspects they found helpful, intuitive, or just plain hard to figure out. These conversations uncovered places where our product could improve, and our product manager started wireframing. Once the initial concept was laid out, our Software Engineering team, pairing with our UI/EX Engineer, took the wireframes, and a brand new interface to manage your keys began to take shape.
Consolidation Is Key
Taking the time to understand how our customers utilize SSH keys led to a whole new key management design. A new design highly focused on consolidating keys in one place and increasing visibility into their usage. Eventually, the initial wireframes turned into a new page within your ExaVault account.
The New Interface
Once we thought through our plan and design ideas, we moved towards bringing it to life in the application. We wanted to significantly increase visibility into key usage, which you’ve never seen before in ExaVault.
Now you’ll be able to see in one spot;
- When a new key was created.
- Who it’s assigned to, so you always know who’s using keys.
- When the key was last used, to track inactive keys or suspiciously active keys.
Setting Up New Keys
Creating new keys has also been revamped to provide more options for using your own keys in addition to letting us generate them.
To create new keys, you now have two routes;
- As before, from the “Users” page, click the context menu on a user and “Generate SSH Keys.”
- From the “SSH Keys” page, click “Add New SSH Key.”
Both options will open a new modal window. There you prompt ExaVault to generate a key pair for you, or you may upload your own generated public key to use.
No More .sftp Folders
Previously, when you created a new key, you would get a new “.sftp” folder with an “authorized_keys” file created on your user’s root directory. While these folders are still in your account, you no longer need them.
We’ve switched from storing SSH keys in your account to storing them securely within a database. The deprecated folders have been renamed “authorized_keys_legacy_import” and can be safely deleted from your account if you wish. Any existing keys have already been migrated to our database.
One final note that we want to mention. The prior method of creating keys allowed your users to create keys by merely uploading a key into the account with the properly named folders/files. This wasn’t an intentional functionality of the system and is no longer supported in the new version. If this was a feature you used, we do apologize. After much discussion, we decided removing the functionality that could allow users to bypass an admin’s policies was the best route forward.
We hope this new key management interface helps empower you to take advantage of the security enhancements offered by SSH Keys.
Ready to set up SSH Keys? Check out the new interface in your account today! If you have any questions, you can always reach out to us — firstname.lastname@example.org.