Squirrel Servers Manager

Security Model

⏱️ 5 min read

In a Nutshell (🌰)

  • SSM implements a comprehensive security model for device management
  • Credentials are securely stored with encryption
  • SSH provides secure device connections with strict key verification
  • No permanent agents run on managed devices, reducing the attack surface

Security First Approach

Squirrel Servers Manager (SSM) was designed with security as a core principle. This document outlines the security model used throughout the system to protect your infrastructure.

Credential Management

Secure Storage

SSM uses several layers of security to protect sensitive credentials:

  • Ansible Vault Encryption: SSH keys and passwords are encrypted using Ansible Vault
  • Database Encryption: Credentials stored in MongoDB use additional encryption (bcrypt)

SSH Key Management

When using SSH keys for device authentication:

  • Keys can be generated by SSM or imported from existing keys
  • Private keys are encrypted before storage
  • Key passphrase support for additional security
  • Keys are only decrypted in memory when needed for connections

Authentication & Authorization

User Authentication

SSM implements secure user authentication:

  • JWT-based authentication for API access
  • Password complexity requirements
  • Protection against brute force attacks
  • Session management with configurable expiration

Network Security

SSH Connection Security

All device connections use secure SSH:

  • Strict host key verification prevents MITM attacks
  • Connections close after command execution
  • No permanent open ports on managed devices
  • Support for non-standard SSH ports

Connection Encryption

SSM ensures all connections are encrypted:

  • SSH connections use industry-standard encryption

Agentless Security Benefits

The agentless architecture provides significant security advantages:

  • No permanent agents running on target devices
  • Lower attack surface with fewer components to exploit
  • No need to maintain agent security patches
  • No root-level services required on managed devices

Security Best Practices

When deploying SSM, follow these security best practices:

Network Configuration

  • Deploy behind a reverse proxy for TLS termination if public access is required
  • Use firewall rules to restrict access to the SSM server
  • Consider network segmentation to isolate management traffic

Credential Management

  • Use SSH keys instead of passwords where possible
  • Generate unique SSH keys for SSM rather than sharing existing keys
  • Implement a key rotation policy for sensitive environments

Made with love

Copyright © 2025-present Squirrel Team & Contributors