NIST released Interagency Report 7966 this week, a guidance document for organizations using the Secure Shell network protocol for automated access. NIST called out a number of common vulnerabilities, including vulnerable implementations where organizations use older, unpatched versions of the crypto software or implement weak configurations. The document recommends four components be part of every SSH implementation: controlled provisioning and termination processes for SSH keys; continuous monitoring and auditing of keys; proper SSH client/server configurations; remediation of existing SSH keys as necessary.
Source: https://threatpost.com/nist-releases-secure-shell-guidance-document/107889/