Control SSH Key risks efficiently

Universal SSH Key Manager® (UKM) is a Zero Trust Encryption Key Management solution that automates governing thousands of keys according to compliance and security standards. It mitigates risks, reduces key management overhead, and helps pass IT audits.

SSH keys are critical access credentials

Just like passwords, SSH keys grant access to critical infrastructure or data, including credit card data, medical records, tax records, email servers and firewalls and VPNs.

SSH keys typically outnumber passwords 10 to 1. Yet they are mostly unmanaged. Secure your business with a proven key management solution and migrate to efficient Zero Trust, keyless SSH access.

The proven key manager solution

Discover

Asses your risk posture, discover all SSH access (automated or interactive) across your IT infrastructure and identify all policy-violating encryption keys.

Manage

Implement systematic monitoring and control of your SSH Key environment to remove keys that are uncompliant, unmanaged or bypassing your controls.

Automate

Automate the full lifecycle of vast numbers of cryptographic keys to simplify the effort of staying compliant and ensuring all your sessions are audited, logged and tracked.

Zero Trust

Radically reduce the overhead of managing permanent SSH Keys to manage, and move to keyless, just-in-time Zero Trust access with short-lived certificates.

Learn about the Enterprise Key Management process in detail here>>>

Capability	Analyze	Comply & Automate	Zero Trust
User Interface authentication with Windows AD, LDAP, SAMLv2	●	●	●
High availability	●	●	●
User account inventory	●	●	●
SSH Key inventory	●	●	●
Trust relationship mapping	●	●	●
SSH key usage	●	●	●
SSH access discovery (password/key/certificate)	●	●	●
Compliance validation: NIST, HIPAA,PCI-DSS, etc.	●	●	●
Compliance reporting	●	●	●
User key management: removal, rotation, provisioning, hardening	-	●	●
Elimination of self-provisioning SSH keys	-	●	●
Application-based visibility and control of user keys	-	●	●
Capability	Analyze	Comply & Automate	Zero Trust
Hostkey rotation and distribution	-	●	●
SSH client/server configuration management	-	●	●
Rest APIs	-	●	●
GUI automation flows	-	●	●
SSH access with Keyless, Certificate-based JIT authentication	-	-	●
SSH access with AD, OpenIDC, or LDAP authentication	-	-	●
SSH access with Multi-Factor Authentication (MFA)	-	-	●
Virus scanning and file validation on file transfers	-	-	●
Centralized SSH connection control	-	-	●
SSH session recording	-	-	●
SSH auditing with SIEM integration	-	-	●
SSH sub-protocol control, e.g. allow/deny SFTP/x11-forwarding	-	-	●

Choose your Enterprise Key Management solutions wisely. Read our guide.

Reduce Key complexity and risks

1. Eliminate SSH risks and attack vectors

Mismanaged SSH Keys are highly sought after by malicious agents, may end up in the hands of 3rd parties, and are used without proper oversight by Dev teams. Remove security backdoors caused by ungoverned use of encryption keys that might look legitimate to your existing security controls.

Learn more about bypassing privileged access management with SSH keys>>>

2. Centralize & automate SSH key lifecycle management

By default, SSH keys are used decentralized across multiple targets and without proper key ownership. Manage and discover hard-to-find keys, key configurations and SSH login files under a single pane of glass.

Automate key provisioning, rotation and remediation and integrate key authorization processes with ticketing systems for delegation of credentials ownership.

SCREENSHOT-UKM-UP-private-key-details-view

3. Secure and track your encrypted M2M connections

Ensure that your automated Secure Shell M2M connections meet your security policies and use the most secure and compliant encryption standards and protocol versions - along with interactive connections.

UKM Zero Trust gets vast numbers of SSH-enabled M2M connections under management, automates routines with no disruption to processes, and tracks and audits all sessions.

4. Enforce security policies and pass IT audits

Get warnings of keys that violate your policies, contravene with regulations or are used ungoverned. Upgrade, rotate and delete outdated encryption keys with confidence and with full rollback options. Ensure that compliant access control policies are enforced organization-wide with all SSH key use.

Learn how SSH keys can make you fail an audit.

SCREENSHOT-UKM-UP-application-policy-view

5. Reduce complexity with automation & keyless access

Minimize complexity and management overhead by maximizing key lifecycle automation and radically reducing the number of SSH keys in your environment.

UKM Zero Trust grants only just enough access (JEA), just-in-time (JIT), and with the least privilege needed to get the job done - without leaving any SSH Keys behind to manage.

Learn more about keyless Zero Trust SSH Access>>>

SCREENSHOT-UKM-UP-keyaction-details-with-failed-parts

6. Choose zero touch SSH access governance

Manage SSH encryption keys in their native locations without complicated vaulting onboarding processes. Enjoy non-intrusive deployment without changes to the Secure Shell configuration files, your existing key architecture, or application code.

SSH.COM is the perfect partner for us and we work very well together. The progress we have made over the past 4 years has been amazing.

Global top 10 bank IT architect

We have a very good working relationship with SSH.COM. When we have a new issue, they are able to do that quickly. When we need something, they listen.

UKM customer

UKM is very stable. It’s easy to use once you understand the concept.

UKM enterprise user