Google Cloud Best practices for securing SSH access to VM instances

Allowing users to connect to Google Cloud VMs using SSH is convenient and often unavoidable. But it’s not without risks.

In a new set of articles published on the Google Cloud website, I cover a range of best practices that we can use to better secure SSH access to our VM instances and protect our workloads:

  1. Controling network access describes best practices for implementing zero trust access for SSH, and avoiding VMs from being more exposed than necessary.
  2. Controling SSH login access covers best practices for managing access, and for ensuring that access is revoked when users leave teams or the organization.
  3. Protecting SSH credentials contains best practices for protecting SSH keys and enforcing multi-factor authentication.
  4. Auditing SSH access describes best practices for maintaining a reliable audit trail.

You can read the whole thing on the Google Cloud website.

For a full list of articles I’ve published on the Google Cloud website, see Articles on cloud.google.com.

Any opinions expressed on this blog are Johannes' own. Refer to the respective vendor’s product documentation for authoritative information.
« Back to home