Universal SSH Key Manager®
Get the risks of unmanaged SSH Keys under control
SSH Keys, just like passwords, provide direct access to privileged accounts on critical infrastructure. It is imperative that these credentials are properly governed according to compliance standards and security policies.
Enterprises must ensure that weak SSH Key management does not provide ungoverned access to customer data, intellectual property or control systems.
New to SSH? Read about SSH Key basics >>>
UKM discovers all SSH access across your IT infrastructure and identifies all policy violating keys
UKM ensures your existing security solutions are not being compromised or bypassed by weak SSH Key management
UKM key lifecycle management greatly reduces the time and cost of distributing, removing and rotating keys
Do you want to radically reduce the number digital keys to manage? Learn more about Zero Trust Key Management.
1. Discover
UKM deployments begin with an SSH Risk Assessment, a non-disruptive report on your SSH environment
- Full inventory of all active and potentially active keys - who has access to what, and where
- Discovery of keys enabling PAM and jump host bypass
- Identification of all keys violating global SSH policy capable of posing a threat
- Detailed prioritized report on policy compliance in your SSH Key environment (e.g. NIST, SOX, HIPAA, PCI-DSS etc.)
- Trust relationship map and evaluation against defined policies
2. Manage
Implement systematic monitoring and control of your SSH Key environment.
- Highly efficient centralized key management
- Monitor and report when and where SSH Keys are used
- React to violations with alerts for unauthorized changes to SSH configurations
- Remove unused or unauthorized SSH keys and renew old and weak keys
- Prevent ungoverned distribution of SSH Keys
- Limit access to servers to authorized sources
3. Automate
Automate the full lifecycle of vast numbers of SSH Keys to simplify the effort of staying compliant.
- Integrate authorization processes with existing ticketing systems
- Centrally manage SSH configurations Automate key provisioning, rotation and remediation
- Automate detection and prevention of policy violations
- Configuration lock down
- Compliance process enforcement
4. Migrate to Zero Trust
Eliminate the need for standing privileges (authorized keys) for SSH access.
- Eliminate authorized keys on servers for SSH access
- Radically simplify the overhead of rotating SSH keys
- Full audit and session control
- Transparent migration to just-in-time (JIT) and Zero Trust proof ephemeral access - without permanent SSH keys to manage or rotate.
Can you monitor and detect PAM bypass and jump host bypass? Our SSH Risk Assessment service is the first step to taking back control.
Eliminate exposed attack vectors
Mismanaged SSH Keys are highly sought after by malicious agents with sophisticated malware and botnets. This is because just a single SSH Key can grant an instant encrypted remote connection to valuable information. Unmanaged SSH Keys can grant root access, and enable privilege elevation and undetected lateral movement between servers that might look legitimate to your existing security controls.
Pass IT security audits
A single SSH Key can make you fail your IT audit and yet we consistently find organizations with millions of them, exposed & unmanaged. You can use UKM for external audits or internal security assessments to demonstrate compliance and gain full control over your SSH key estate.
Secure your M2M connections
Automated file transfers are a critical part of big business. UKM can ensure that your M2M connections meet your security policies and use the most secure and compliant encryption standards and protocol versions. UKM gets vast numbers of SSH-enabled M2M connections under management and automates routines with no disruption to processes.
Manage 3rd party and supply chain SSH access
Numerous IT tasks start today by handing over SSH keys to subcontractors. Many of those keys remain unrevoked outside your organizations. UKM ensures that your Secure Shell connections stay under your control with comprehensive activity logging and monitoring.
Solve compliance challenges
SSH Keys are factored into compliance requirements for good reason. Do you comply? Can you prove it? UKM provides a real-time view into your key estate against regulations. UKM includes automated compliance tools that flag keys that contravene specific policies.
Enforce security policies with software
UKM brings your vast SSH Key estate under the management of your overall IT security policy framework. You can also ensure that policy-compliant access control policies are enforced organization-wide with all SSH Key use. UKM is a centralized console for secure, compliant SSH access at scale.
Further reading
Learn more about SSH compliance and auditing
“There are 14 critical areas affected by unmanaged SSH Keys, that Auditors will use to assess your IT security compliance.”
"...poorly managed SSH key environments may lead to audit infractions and possibly a security breach.”
Rely on our experienced team of specialists
SSH key management projects can be complex and require expert level knowledge to reach required standards. SSH.COM offers professional & support services to facilitate processes and drive successful outcomes. Outsource the burden to our trusted experts - the designers of UKM, inventors of SSH and the world's leading SSH subject matter experts.
- Seasoned experts always on standby.
- Get more resources quickly and flexibly.
- We can take the technical lead and support projects as needed.
- We can manage the project(s) on your behalf (including onsite administration).
- End-to-end assistance for deployment and configuration requirements.
- Assistance with any customization & integration requirements.
- Removes need to source, hire, and retain an internal team.
- Frees existing internal teams to focus on core business needs.
- Project-based, single-year, or multiyear contracts available as needed.
UKM reference customers
Read more about UKM SSH Key management in large enterprises and federal/state agencies around the world.