ECSs Have Key Pairs Attached
Rule Details
Parameter |
Description |
---|---|
Rule Name |
ecs-instance-key-pair-login |
Identifier |
ECSs Have Key Pairs Attached |
Description |
If an ECS does not have a key pair configured, this ECS is non-compliant. |
Tag |
ecs |
Trigger Type |
Configuration change |
Filter Type |
ecs.cloudservers |
Rule Parameters |
None |
Application Scenarios
A key pair consists of a public key and a private key. Key Pair Service (KPS) stores the public key and you store the private key. If you have imported a public key into a Linux ECS, you can use the corresponding private key to log in to the ECS without a password. Key pairs provide the following benefits:
- Preventing credential leakage: You can configure key pairs and disable password login to prevent brute force attacks. Private keys are usually more difficult to guess or crack than passwords.
- Encrypted communication: Key pairs use asymmetric encryption technology to ensure SSH communication security and prevent man-in-the-middle (MITM) attacks.
Solution
On the management console, create a key pair and clear the password for an ECS. For details, see Key Pairs.
Rule Logic
- If an ECS does not have a key pair configured, this ECS is non-compliant.
- If an ECS has a key pair configured, this ECS is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot