Security Basics
SSH Hardening and Key Lifecycle
Rotate keys without locking yourself out, layer bastion patterns, and document access for audits.
Live online 3 weeks · 18 lab hours Intermediate
610,000 KRW informational until enrollment confirms
Program narrative
Labs rotate around a three-hop classroom topology. You practice emergency break-glass keys, break a config on purpose, then recover using only serial console prompts we provide.
What the labs include
- Match blocks scoped by group and subnet
- CA-signed host keys vs TOFU tradeoffs
- Port knocking vs allow-lists discussion with demos
- Break-glass envelope exercise
- Agent forwarding risks with concrete packet traces
- Inventory template for orphaned keys
- MFA touchpoints where SSH meets VPN
Outcomes you can show a lead
- Ship a rotation calendar ops can follow
- Recover from a bad AuthorizedKeys edit calmly
- Explain bastion hops to a security reviewer
Straight FAQ
Hardware tokens required?
Recommended but not mandatory; we provide soft-token simulations.
Do you supply VPNs?
We provide a classroom VPN profile only; corporate integrations are yours to map.
What is not included?
Client-side device compliance policies are referenced, not configured.
Recent participant notes
“Break-glass lab felt stressful in a useful way. I now photograph serial labels before touching sshd_config.”
Eun · Junior admin · Retail HQ · Google
“Client in logistics — quote only: "Match blocks finally clicked after the subnet coloring exercise."”
Anonymous