You wouldn’t let hackers download permission to get root access on your organization’s internal network — but if you’re not managing your SSH keys properly, your systems could be at risk of just such an attack. Network and system administrators and information security professionals routinely use SSH to gain access to resources everywhere in the enterprise or other large networks. In practice, however, many SSH users skimp on key management and leave their networks wide open to attacks exploiting SSH keys that have root permissions enabled and that never expire.