Your browser does not allow storing cookies. We recommend enabling them.

Universal SSH Key Manager Integration with BeyondTrust PowerBroker

PowerBroker for Unix & Linux allows system administrators to delegate Unix and Linux privileges and authorization without disclosing passwords for root or other accounts. The solution can also record all privileged sessions for audits, including keystroke information.

Universal SSH Key Manager is non–intrusive — all operations for discovery, continuous monitoring, access lockdown, remediation, and key life cycle management are conducted without disrupting existing workflows and business processes.

By integrating Universal SSH Key Manager with BeyondTrust's PowerBroker for Unix & Linux customers are able to leverage their existing privilege elevation solution already deployed across their environment to enable the privileged operations required by Universal SSH Key Manager for scanning and managing SSH keys.

Universal SSH Key Manager can leverage PowerBroker in two ways:

  1. Offline-scanning of SSH user keys across the environment
  2. Privilege elevation for key management operations when using agentless connections


This mode of integration allows Universal SSH Key Manager operators to run a standalone script for scanning SSH keys across the target environment and import the resulting output file into Universal SSH Key Manager. With PowerBroker operators are able to use the existing PowerBroker infrastructure to run a scanning script with elevated privileges across the target environment and easily collect the results in order to import back to Universal SSH Key Manager. This allows operators to easily scan thousands of hosts and quickly build up an inventory of SSH keys across their environment in a matter of hours compared to the days or weeks that it usually takes most organizations using other connection methods such as rolling out agents or getting approval for privileged access to hosts using agentless connections.

Privilege Elevation

Another way Universal SSH Key Manager integrates with PowerBroker is when using agentless connections towards target servers. Universal SSH Key Manager can be configured to use PowerBroker as a privilege elevation mechanism. This allows Universal SSH Key Manager to use a non-privileged account for agentless connections towards servers and then invoke PowerBroker to elevate privileges to perform the scanning or key management operations needed by Universal SSH Key Manager. The flexibility in configuration options allows Universal SSH Key Manager to also store and provide credentials for privilege elevation when prompted by PowerBroker. The integration brings the additional benefit of having all privileged commands executed by Universal SSH Key Manager to be fully logged by PowerBroker and readily available from a central location for audit and review.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more