Universal SSH Key Manager®

Get the risks of unmanaged SSH Keys under control

SSH Keys, just like passwords, provide direct access to privileged accounts on critical infrastructure. It is imperative that these credentials are properly governed according to compliance standards and security policies.

Enterprises must ensure that weak SSH Key management does not provide ungoverned access to customer data, intellectual property or control systems.

New to SSH? Read about SSH Key basics >>>


UKM customersUKM Datasheet


Are SSH Keys providing ungoverned access to your critical assets?


Do you know if SSH Keys are used to bypass your security controls?


Can you systematically and automatically renew your SSH Keys?


UKM discovers all SSH access across your IT infrastructure and identifies all policy violating keys


UKM ensures your existing security solutions are not being compromised or bypassed by weak SSH Key management


UKM key lifecycle management greatly reduces the time and cost of distributing, removing and rotating keys


Do you want to  radically reduce the number digital keys to manage? Learn more about Zero Trust Key Management.

Zero Trust Key Management

The proven UKM SSH Key management process


1. Discover

UKM deployments begin with an SSH Risk Assessment, a non-disruptive report on your SSH environment

  • Full inventory of all active and potentially active keys - who has access to what, and where
  • Discovery of keys enabling PAM and jump host bypass
  • Identification of all keys violating global SSH policy capable of posing a threat
  • Detailed prioritized report on policy compliance in your SSH Key environment (e.g. NIST, SOX, HIPAA, PCI-DSS etc.)
  • Trust relationship map and evaluation against defined policies

2. Manage

Implement systematic monitoring and control of your SSH Key environment.

  • Highly efficient centralized key management
  • Monitor and report when and where SSH Keys are used
  • React to violations with alerts for unauthorized changes to SSH configurations
  • Remove unused or unauthorized SSH keys and renew old and weak keys
  • Prevent ungoverned distribution of SSH Keys
  • Limit access to servers to authorized sources

3. Automate

Automate the full lifecycle of vast numbers of SSH Keys to simplify the effort of staying compliant.

  • Integrate authorization processes with existing ticketing systems
  • Centrally manage SSH configurations Automate key provisioning, rotation and remediation
  • Automate detection and prevention of policy violations
  • Configuration lock down
  • Compliance process enforcement

4. Migrate to Zero Trust

Eliminate the need for standing privileges (authorized keys) for SSH access.

  • Eliminate authorized keys on servers for SSH access
  • Radically simplify the overhead of rotating SSH keys
  • Full audit and session control 
  • Transparent migration to just-in-time (JIT) and Zero Trust proof ephemeral access - without permanent SSH keys to manage or rotate.

Can you monitor and detect PAM bypass and jump host bypass? Our SSH Risk Assessment service is the first step to taking back control.

Learn about SSH Risk Assessment

NPS score: 71!

We invented SSH Keys, we are the authority on SSH Key management and, thanks to our customers, we have the NPS score for Universal SSH Key Manager to prove it.  

Read more about our reference customers >>>

SSH.COM is the perfect partner for us and we work very well together. The progress we have made over the past 4 years has been amazing.

Global top 10 bank IT architect

We have a very good working relationship with SSH.COM. When we have a new issue, they are able to do that quickly. When we need something, they listen.

UKM customer

UKM is very stable. It’s easy to use once you understand the concept.

UKM enterprise user

UKM identifies risks and automates the SSH Key lifecycle 


Eliminate exposed attack vectors

Mismanaged SSH Keys are highly sought after by malicious agents with sophisticated malware and botnets. This is because just a single SSH Key can grant an instant encrypted remote connection to valuable information. Unmanaged SSH Keys can grant root access, and enable privilege elevation and undetected lateral movement between servers that might look legitimate to your existing security controls.


Pass IT security audits 

A single SSH Key can make you fail your IT audit and yet we consistently find organizations with millions of them, exposed & unmanaged. You can use UKM for external audits or internal security assessments to demonstrate compliance and gain full control over your SSH key estate.


Secure your M2M connections

Automated file transfers are a critical part of big business. UKM can ensure that your M2M connections meet your security policies and use the most secure and compliant encryption standards and protocol versions. UKM gets vast numbers of SSH-enabled M2M connections under management and automates routines with no disruption to processes.


Manage 3rd party and supply chain SSH access

Numerous IT tasks start today by handing over SSH keys to subcontractors. Many of those keys remain unrevoked outside your organizations. UKM ensures that your Secure Shell connections stay under your control with comprehensive activity logging and monitoring.


Solve compliance challenges

SSH Keys are factored into compliance requirements for good reason. Do you comply? Can you prove it? UKM provides a real-time view into your key estate against regulations. UKM includes automated compliance tools that flag keys that contravene specific policies.


Enforce security policies with software

UKM brings your vast SSH Key estate under the management of your overall IT security policy framework. You can also ensure that policy-compliant access control policies are enforced organization-wide with all SSH Key use. UKM is a centralized console for secure, compliant SSH access at scale.


Rely on our experienced team of specialists

SSH key management projects can be complex and require expert level knowledge to reach required standards. SSH.COM offers professional & support services to facilitate processes and drive successful outcomes. Outsource the burden to our trusted experts - the designers of UKM, inventors of SSH and the world's leading SSH subject matter experts.

  • Seasoned experts always on standby.
  • Get more resources quickly and flexibly.
  • We can take the technical lead and support projects as needed.
  • We can manage the project(s) on your behalf (including onsite administration).
  • End-to-end assistance for deployment and configuration requirements.
  • Assistance with any customization & integration requirements.
  • Removes need to source, hire, and retain an internal team.
  • Frees existing internal teams to focus on core business needs.
  • Project-based, single-year, or multiyear contracts available as needed.

Learn more about SSH.COM Professional Services >>>

UKM reference customers

Read more about UKM SSH Key management in large enterprises and federal/state agencies around the world.

UKM customers