centralized SSH key management solution

Control & mitigate
SSH key risks

Universal SSH Key Manager® (UKM) is a Zero Trust SSH key management solution that automates governing of SSH keys according to compliance and security standards. It mitigates risks, reduces key management complexity, and helps pass IT audits.

Book a demo Test Drive UKM

SSH keys are critical access credentials

Just like passwords, SSH keys grant access to critical infrastructure or data, including credit card data, medical records, tax records, email servers and firewalls and VPNs.

SSH keys typically outnumber passwords 10 to 1. Yet they are mostly unmanaged. Secure your business with a proven key management solution and migrate to efficient Zero Trust, keyless SSH access

The proven centralized SSH key management solution

Government

Discover

Assess your risks, discover all SSH access (automated and interactive) across your IT infrastructure, and identify all policy-violating encryption keys.

Priviledged-access-management

Manage

Implement systematic monitoring and control of your environment via centralized SSH key management. Remove encryption keys that are uncompliant, unmanaged, or bypassing your controls. 

Secure-file-transfer

Automate

Automate the full lifecycle of SSH cryptographic keys and simplify the effort of staying compliant. Ensure all your sessions are audited, logged, and tracked.

Hourglass

Zero Trust

Radically reduce the overhead of managing permanent SSH keys and move to keyless, just-in-time Zero Trust access with short-lived certificates.

Compare the different UKM editions

Choose the best fitting UKM edition to manage your SSH keys.

Capability Analyze Comply & Automate Zero Trust
User Interface authentication with Windows AD, LDAP, SAMLv2
High availability
User account inventory
SSH Key inventory
Trust relationship mapping
SSH key usage
SSH access discovery (password/key/certificate)
Compliance validation: NIST, HIPAA,PCI-DSS, etc.
Compliance reporting
User key management: removal, rotation, provisioning, hardening -
Elimination of self-provisioning SSH keys -
Application-based visibility and control of user keys -
Capability Analyze Comply & Automate Zero Trust
Hostkey rotation and distribution -
SSH client/server configuration management -
Rest APIs -
GUI automation flows -
SSH access with Keyless, Certificate-based JIT authentication - -
SSH access with AD, OpenIDC, or LDAP authentication - -
SSH access with Multi-Factor Authentication (MFA) - -
Virus scanning and file validation on file transfers - -
Centralized SSH connection control - -
SSH session recording - -
SSH auditing with SIEM integration - -
SSH sub-protocol control, e.g. allow/deny SFTP/x11-forwarding - -

Try SSHerlock, a free SSH
key discovery and audit tool

Get Free SSHerlock Tool

Reduce SSH key complexity and risks with UKM

SCREENSHOT-UKM-hosts list view

1. Eliminate SSH key risks and attack vectors

SSH keys are complex and can easily go unmanaged. These unmanaged SSH keys are then highly sought after by malicious actors.

With UKM, you remove security risks caused by ungoverned encryption keys that might look legitimate to your existing security controls.

Learn more about bypassing PAM with SSH keys>>>

SCREENSHOT-UKM-private-key-details-view

2. Centralize & automate SSH key lifecycle management 

By default, SSH key management is decentralized and complex.

With UKM, you manage and discover all encryption keys, key configurations, and SSH login files in a centralized, universal SSH key manager. You can also automate SSH key processes, like provisioning, rotation, remediation, etc.

SCREENSHOT-UKM-UP-private-key-details-view

3. Secure and track your encrypted M2M connections

Machine-to-machine connections are not managed by PAM tools. You need a centralized SSH key management tool, like UKM, to manage your M2M connections, automate routines, track machine credentials, and audit all automated sessions.

UKM also ensures that all M2M connections meet your security policies and use compliant encryption standards and protocol versions.

Learn about the best practices for securing machine credentials:

Get the whitepaper

SCREENSHOT-UKM-policy-highlights-view

4. Enforce security policies and pass IT audits

UKM warns you about SSH keys that violate your policies, contravene regulations, or are used ungoverned. You can upgrade, rotate, and delete outdated encryption keys with the option to reverse any action.

With UKM, you enforce compliant access control policies throughout your entire organization.

Learn how SSH keys can make you fail an audit:

Get the Whitepaper

SCREENSHOT-UKM-UP-application-policy-view

5. Reduce complexity with Zero Trust keyless access

With UKM, you can maximize key lifecycle automation and radically reduce the number of SSH keys in your environment. 

UKM Zero Trust grants only just enough access (JEA), just-in-time (JIT), and with the least privilege needed to get the job done - without leaving any  SSH keys behind to manage.

Learn more about keyless Zero Trust SSH access>>>

SCREENSHOT-UKM-UP-keyaction-details-with-failed-parts

6. Choose zero-touch SSH access governance 

UKM Zero Trust makes it easy to manage your SSH keys. You can manage encryption keys in their native locations without complicated vaulting onboarding processes.

UKM Zero Trust comes with non-intrusive deployment without changes to the SSH configuration files, your existing key architecture, or application code. 

Customers love UKM Zero Trust!

Thanks to our customers, we have the Net Promoter Score (NPS) score of 71 for our UKM Zero Trust, a centralized SSH key management solution. 

Read more about our reference customers >>>

SSH is the perfect partner for us and we work very well together. The progress we have made over the past 4 years has been amazing.

Global top 10 bank IT architect

We have a very good working relationship with SSH.COM. When we have a new issue, they are able to do that quickly. When we need something, they listen.

UKM customer

UKM is very stable. It’s easy to use once you understand the concept.

UKM enterprise user

Can you monitor and detect PAM bypass and jump host bypass?
Our SSH Risk Assessment service helps you take back control.

Learn about SSH Risk Assessment

Centralized SSH Key Management: Resources

Buyers_guide_Zero_Trust_proof_EKM_mockup

Buyer's guide

Zero Trust Enterprise Key Management (EKM)

Learn about the challenges of SSH key management, how to solve them efficiently, and how to radically reduce the number of SSH keys to manage.

Key Manager Buyer's Guide

.

UKM_data_sheet_cover

Datasheet

Universal SSH Key Manager Data Sheet

Learn about the technical details behind the most comprehensive Enterprise Key Management solution on the market.

UKM Datasheet

Screenshot 2022-05-20 at 10.19.01

White paper

Secure your machine connections and credentials

Learn how to manage and secure your automated M2M connections and machine credentials.

Get the whitepaper

passwordless_keyless

White paper

Passwordless & keyless approach to access management

 Learn about the passwordless and keyless approach and how to prepare and migrate your organization to credential-less access.

Get the White Paper

nist-thumb

Official NIST Guide

Reduce Secure Shell Risk - NIST 7966

An overview of assessing your SSH environment, automating SSH key lifecycle, and mitigating risks.

Get the NIST Guide

.

isaca-thumb

Official ISACA Guide

ISACA SSH Practitioner Guide

Learn how SSH Keys enable secure access to critical systems and data and how to mitigate risk from poorly managed keys.

Get the ISACA Guide

Test drive UKM Zero Trust!

Try UKM, our universal SSH key manager. Experience the easy-to-use centralized SSH key management and test UKM features.

Test Drive UKM