use-ssh-keys
Default Severity: high
Explanation
When working with a server, you’ll likely spend most of your time in a terminal session connected to your server through SSH. A more secure alternative to password-based logins, SSH keys use encryption to provide a secure way of logging into your server and are recommended for all users.
Possible Impact
Logging in with username and password is easier to compromise
Suggested Resolution
Use ssh keys for login
Insecure Example
The following example will fail the digitalocean-droplet-use-ssh-keys check.
resource "digitalocean_droplet" "good_example" {
image = "ubuntu-18-04-x64"
name = "web-1"
region = "nyc2"
size = "s-1vcpu-1gb"
}
Secure Example
The following example will pass the digitalocean-droplet-use-ssh-keys check.
data "digitalocean_ssh_key" "terraform" {
name = "myKey"
}
resource "digitalocean_droplet" "good_example" {
image = "ubuntu-18-04-x64"
name = "web-1"
region = "nyc2"
size = "s-1vcpu-1gb"
ssh_keys = [ data.digitalocean_ssh_key.myKey.id ]
}