Secure Shell (SSH) is a network protocol that normally operates on port 22 and allows remote logins to computers. This protocol is a known attack target because misconfigured services can easily allow an adversary complete access to the system and the University network. To minimize exposure, we intend to restrict inbound access from the Internet using SSH on port 22.
As this transition unfolds, we will be encouraging faculty, staff, and students to use the UConn VPN when accessing university systems from outside of our network, but we fully understand that there will still be situations where direct external access using this protocol will be necessary. We expect to preserve SSH access where needed, but this will require that such servers meet established guidelines, including proper logging and review (typically via Splunk), inclusion in Vulnerability Management, proper device patching and lifecycle management, and where available, Microsoft Defender ATP. Owners will be asked to complete the following form to request an exception: https://security.uconn.edu/ssh-exception-form/
ITS will provide an announcement in January with additional information, including a tentative implementation date. In the interim, we will seek to identify active SSH/SFTP and will reach out to individual parties to consult and gather information. We ask that you help us alert faculty members that the use of SSH will be changing and that they should anticipate follow up from us as we proceed.
If you have questions about this initiative, please contact the Information Security Office at email@example.com.