Implementing Zero Trust Model for SSH Security with kerberos and OpenLDAP

Salwa Deta Mediana, Lindawati Lindawati, Mohammad Fadhli
Jurnal Sistem Informasi. Journal Article. Published 2023-09-30. DOI: 10.32520/stmsi.v12i3.3330 (https://doi.org/10.32520/stmsi.v12i3.3330)

Abstract

To remove assumptions of trust in the internal network, this study applies the Zero Trust Model to SSH (Secure Shell) security. The approach is to run tests with the Kerberos and OpenLDAP protocols integrated into the SSH infrastructure. OpenLDAP acts as a central directory for user management and access permissions, while Kerberos provides single authentication and security resources such as Kerberos tickets. Debian was used as the server operating system. There is strong justification for securing SSH with Kerberos and OpenLDAP: attacks on the SSH protocol commonly target its standard port, 22. To ensure the security and integrity of the server system, the SSH port must be protected with Kerberos and OpenLDAP. Kerberos single authentication restricts SSH access, which lowers the possibility of brute-force attacks and password theft. The OpenLDAP integration facilitates user administration and authorisation. Implementing the Zero Trust strategy enables strong authentication and defends the system against insider threats. Robust authentication, accurate authorisation, and isolation of the internal and external networks protect the system from both internal and external network attacks. Securing port 22 and improving SSH with this integration is an essential step in maintaining server system security, data integrity, and information confidentiality. The research findings show that applying the Zero Trust model through this protocol integration greatly improves system security, resulting in better authentication and authorisation.