Your browser does not allow storing cookies. We recommend enabling them.


Our products bring security, efficiency, reliability, and auditability into complex IT environments. We provide secure access to servers today and tomorrow. We bridge legacy environments, cloud, and mainframes.

We secure privileged and automated access to the most critical servers and data in the enterprise. We do it in a way that is radically easier to deploy and use than other solutions.

Secure access product suite

Our products address solve secure access to servers in enterprise environments. They secure privileged access, management of credentials (SSH keys and server passwords), and data-in-transit. They also provide visibility to what happens inside encrypted connections at a firewall, such as in remote access and file transfers by suppliers, consultants, and business partners.

Some functionality on this page is not supported by your web browser. We recommend upgrading to a modern browser.

Secure data-in-transit, Boundary protection
Manage & Automate
Monitor & Control
Transformation & Cloud

PrivX™ On-Demand Access Manager
Next Generation Privileged Access for Cloud

SSH Risk Assessment™
Know your SSH key exposure

360° visibility and control

Universal SSH Key Manager®
Process-driven management

Tectia® SSH
Premium server, client
for Windows, Unix,
z/OS mainframes

Services & Consulting
World-class subject matter expertise at your disposal

Next generation privileged access management for the cloud & DevOps. Eliminate passwords & keys.

Transparently monitor encrypted remote access. Control tunneling & file transfers.

Full life cycle management for SSH key based access.

Secure file transfers, remote administration, application tunneling, automation.

PrivX On-Demand Access Manager™

PrivX On-Demand Access Manager is the next generation privileged access management solution. It helps eliminate passwords from servers entirely. No more password vaults or password rotation needed. No more credential theft and attack spread by stealing administrator passwords. Deploy 10x faster than with competing solutions.

Universal SSH Key Manager®

Universal SSH Key Manager is the world leading solution for managing SSH keys in large and mid-sized enterprises. It is being used by several of the world's top 10 banks, credit card companies, central banks, stock exchanges, and leading industrial companies.


CryptoAuditor provides visibility into encrypted remote access at a firewall. It is also frequently used for securing DevOps processes by providing accountability and visibility to changes in build systems and production deployments while providing controlled emergency access to production for fixing and debugging problems.

Tectia® SSH®

Tectia SSH is the leading enterprise class SSH implementation and comes with 24x7 support for business-critical applications. It provides an advanced Windows server, support for IBM z/OS mainframes, and easy-to-use file transfer capability. It also supports standards-compliant X.509 certificates and smartcards (including CAC/PIV cards for US federal users) for server and user authentication.

Product benefits

In large enterprises, the our products save millions of dollars annually by automation, in addition to reduced reputation risk, better business continuity, and compliance with customer or government requirements.

Our products are built to transparently support customers' application-oriented distributed workflows and support and secure their transformation into cloud. They scale to microservices and serverless computing. They brings audit and control into DevOps and production deployments while enabling developer access with full audit and analytics.

The products secure data transfers in distributed environments, control access between computating instances, and automate credential and secrets management.

SSH keys are a critical issue for enterprises

SSH keys grant access, and SSH access management is a top-5 critical security issue in enterprises right now. It is the top topic in identity and access management. It has turned out many organizations have way more SSH keys granting access to their systems than they have user names and passwords. Keys are often used to bypass traditional privileged access management systems.

Our solutions solve SSH key management on-premise and in the cloud. They automate the full life cycle of keys. They make it easy to mitigate risks in legacy environments. They enable eliminating SSH keys entirely from new cloud deployments. They handle credentials for both automated and interactive access. They support delegating key life cycle decisions to application teams.

Our solutions scale to over 100,000 servers and millions of SSH keys. Several customers run it at that scale already.

Open REST APIs - no vendor lock

Our products provide secure REST APIs. The APIs can be used for operating the platforms, including provisioning or deprovisioning of SSH keys, for exporting or importing data, for implementing plugins and extensions, and for integrating the platform to other products. This ensures there is no vendor lock and components of the platform can be mixed with existing and future infrastructure in the enterprise.

Services and 24x7 support

We further provide services to ensure success in customer's deployment of SSH key management projects. From the SSH Risk Assessment service to subject matter expertise in SSH key management to full managed services, we focus on making the customer's project fast, minimally disruptive, and cost-effective. A success.

We also provide 24x7 support services for all of our products.

Unsupported open source downloads

We provide various unsupported Open Source SSH implementations for downloading as a service to the community. While we provide how-to instructions for several of the open source products online, we do not provide free support for or endorse them. For more information, see the SSH (Secure Shell) page.

Several of our products, however, interoperate with various open source versions or manage keys for open source versions. We do have significant subject matter expertise on them, so if you have a major project involving Open Source SSH implementations, feel free to inquire about paid assistance in relation to them.

While Open Source does not cost to download, it needs substantial internal resources to maintain, update, and track vulnerabilities. Thus, while it is free to distribute, it's life cycle costs can be much higher than for properly supported commercial software.

In our view most enterprises need maintenance and support services to have properly tested versions, change control, support in case there are problems, accountability, and continuity. We recommend Tectia SSH for enterprise environments.


What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now