1

I have seen many answers to this question in different scenarios but I am still unsure of the actual answer.

I have a VM in the cloud (Azure), which will be hosting my production database. Is it safe to have port 22 open for my SSH connection? it also has a public IP address, is this safe too?

This is my first time having to concern myself with these types of questions so apologies for the lack of understanding.

james
  • 113
  • 3
  • 1
    "safe" against what? Why do you need SSH access to your production database from the Internet (why not use the cloud admin access)? Why do you need your database with a public IP? – schroeder Aug 03 '20 at 22:36
  • Hi, I sort of understand what you're getting at - I mean "safe" as in reducing the risks of threats that are possible from public IP and having open ports - I suppose what I mean is, what is best practice for something like this? – james Aug 03 '20 at 22:40
  • If you are asking "will opening port 22 reduce the risk of threats" the answer is clearly "no". If your question is "is this reasonable for me to do?" The answer is "only you can decide that". If you are using ssh securely and your database hosts the data for an anonymous cat-picture voting website, then it is probably reasonable. If your database is hosting the nuclear launch codes, then it's probably a *bad* choice. – Conor Mancone Aug 03 '20 at 23:35
  • Related: https://security.stackexchange.com/questions/233785/is-starting-an-aws-instance-with-only-ssh-to-port-22-significantly-insecure – mti2935 Aug 03 '20 at 23:44
  • 1
    Does this answer your question? [Is starting an AWS instance with only ssh to port 22 significantly insecure?](https://security.stackexchange.com/questions/233785/is-starting-an-aws-instance-with-only-ssh-to-port-22-significantly-insecure) – Conor Mancone Aug 04 '20 at 01:51

1 Answers1

2

I have a VM in the cloud (Azure), which will be hosting my production database. Is it safe to have port 22 open for my SSH connection?

No, it is not safe.

While I'm not sure why you'd need this in the first place, this allows for anyone on the public Internet to connect to your database. Even if you have certificate-based, multi-factor authentication in place it is still not safe. There is no need to needlessly expose your database. You should configure a bastion host (or Azure equivalent), or ideally a VPN connection to your network for management and allow port 22 between those two servers.

it also has a public IP address, is this safe too?

It's safe for some servers, but not your production database. The reasons for this are the same as exposing port 22 because the concept is the same regardless of port exposed when it's your production database you're talking about.

The overall idea here is to create a secure architecture -- the best way to do that is limiting interaction with your database. Especially direct access. See multi-tiered architecture. That's the Google Image Search for it since pictures explain it much better than text. But here's the Wiki on it.

If this is for a personal project, ask away and experiment. If you leave port 22 open to the world I guarantee you'll have people trying to break into your system in <24hrs, but you can always restore to a snapshot or tear it down and build a new VM entirely.

If this is for a true production database for a company and you are tasked with building out the architecture, you need to hire a consultant. I don't say that as an insult, but there are a thousand ways this can go wrong and it would be best to hire an expert.