Security explanations
Because of the way SSH Monitor is designed, a monitoring server (with SSH Monitor installed on it) has SSH access to all the monitored targets. If the monitoring server is compromised, an attacker could gain access to all the monitored targets using the SSH keys. This could be an issue even if the SSH keys are linked to low-privilege users, because exploitation of privilege escalation vulnerabilities is always a risk.
To mitigate this issue, you can restrict the targets' shell so that only the needed shell commands are available (using rbash, i.e. restricted bash), as described in the security how-to.
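
As an added illustration (not taken from SSH Monitor or its how-to), the script below builds a directory holding only allowlisted commands and checks that a restricted bash session pointed at it runs those commands and refuses everything else. The allowlist (`uname`, `df`) and the function names are assumptions; it runs unprivileged in a temporary directory, whereas on a real target the monitoring account's login shell would be rbash with a fixed `PATH`.

```shell
# Added example: allowlisted command directory + checks on a restricted bash.
# Runs unprivileged in a temp dir; nothing on the system is modified.

# Constructed allowlist (assumption): replace with what your checks need.
# Keep it to programs that cannot start other programs or shells.
ALLOWED_CMDS="uname df"

# Populate directory $1 with symlinks to the allowlisted binaries only.
build_restricted_bin() {
    bin_dir=$1
    mkdir -p "$bin_dir" || return 1
    for cmd in $ALLOWED_CMDS; do
        target=$(command -v "$cmd") || return 1
        case "$target" in /*) ;; *) return 1 ;; esac   # real binaries only
        ln -sf "$target" "$bin_dir/$cmd" || return 1
    done
}

# Run command line $2 as the restricted account would see it: bash -r,
# empty environment, PATH containing only the allowlist directory $1.
run_restricted() {
    bin_dir=$1; shift
    bash_path=$(command -v bash) || return 127
    env -i PATH="$bin_dir" \
        "$bash_path" --noprofile --norc -r -c "$1" >/dev/null 2>&1
}

# Return 0 only if an allowlisted command works and every other attempt fails.
verify_restricted_shell() {
    tmp=$(mktemp -d) || return 1
    build_restricted_bin "$tmp/bin" || { rm -rf "$tmp"; return 1; }
    rc=0
    run_restricted "$tmp/bin" 'uname' || rc=1
    # Not allowlisted, path with '/', cd, PATH change, output redirection.
    for attempt in 'ls' '/bin/ls' 'cd /' 'PATH=/usr/bin:/bin; ls' \
                   'uname > /dev/null'; do
        if run_restricted "$tmp/bin" "$attempt"; then
            echo "NOT blocked: $attempt" >&2
            rc=1
        fi
    done
    rm -rf "$tmp"
    return $rc
}
```

Call `verify_restricted_shell` after changing the allowlist; a non-zero status means a listed command is missing or one of the attempts was not refused.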