Unsecured and unencrypted SSH private keys are a major security threat on Linux. In this video we go over how easy unsecured SSH private keys can be stolen by intruders to use for lateral movement. We'll go over command line methods to find private keys. Then, we'll show you how attackers will find IP addresses of hosts to attack with the stolen key after discovery. Finally, we'll show you how to rapidly find unsecured SSH keys with Sandfly, our agentless Linux EDR and incident response platform.

Sandfly is able to find this and many other types of Linux attacks without deploying any endpoint agents. Get your free license today or contact us for more information.