Secure Shell Keys
Fannie Mae strives to maintain the highest levels of security to protect our customer’s information. In response to external requests for an industry-leading secure alternative to the existing System ID and password authentication protocol, organizations that facilitate SFTP transactions through Fannie Mae’s B2B Gateway now have the option to authenticate via Secure Shell (SSH) Keys.
Why Use SSH Key-based Authentication?
SSH keys align with InfoSec best practices to facilitate secure system-to-system transmission of files, offering an improved security profile and customer experience with the following benefits:
- Provides security that even extremely long passwords do not offer.
- Supports the encryption of private keys for additional security.
- Allows for easier automated (e.g. batch) processing.
Each SSH key pair is comprised of a private key and public key. The key pair can be generated in Technology Manager per Fannie Mae’s InfoSec requirements. External organizations may also use an existing public key if it meets key length and encryption algorithm requirements.
Who Can Use SSH Keys?
Organizations that currently use or wish to facilitate SFTP transactions with Fannie Mae through the B2B Gateway can elect to use SSH Key authentication. Please contact the Technology Support Center (TSC) if you need assistance to integrate with the B2B Gateway.
Once integration is complete, you may associate your SSH Key with a System ID using one of the following options:
Implement SSH Key for a new System ID
Select the SSH Key authentication option on the Create a new System ID page within Technology Manager.
Update SSH Key for an existing System ID
Select an existing System ID on the Manage System ID page within Technology Manager and generate or upload a key.