Introducing SSH command logging
Cloudflare has introduced SSH (Secure Shell Protocol) command logging as part of its Zero Trust platform, aiming to enhance security and visibility for remote machines management. Traditional SSH security methods have limitations in terms of tracking user actions and preventing lateral movement within a network. The new feature captures all commands run during an SSH session, including across multiple jump-hosts or bastions, providing a clear picture of events in case of accident, suspected breach, or attack. It also supports secure TLS inspection of all traffic from user devices and eliminates the need for complex logging software on individual machines. The logs captured by Cloudflare are immediately encrypted to ensure only authorized security users can inspect SSH commands.
Company
Cloudflare
Date published
March 18, 2022
Author(s)
Ankur Aggarwal, Eduardo Gomes, Kenny Johnson
Word count
686
Language
English
Hacker News points
23