Checks whether a Secure Shell (SSH) key pair is used to log on to each Linux server. If so, the evaluation result is considered compliant.
Scenarios
You can use SSH key pairs to log on to only Linux servers. An SSH key pair is a secure and convenient logon authentication method provided by Alibaba Cloud. An SSH key pair consists of a public key and a private key.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If an SSH key pair is used to log on to each Linux server, the evaluation result is considered compliant.
- If an SSH key pair is not used to log on to a Linux server, the evaluation result is considered incompliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | ecs-instance-login-use-keypair |
| Rule identifier | ecs-instance-login-use-keypair |
| Tag | ECS |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ECS instance |
| Input parameter | None. |
Incompliance remediation
Bind an SSH key pair to an ECS instance after you create the instance. For more information, see Bind an SSH key pair to an instance.