SSH Key Management

Whether you use Tectia SSH, OpenSSH or both, Universal SSH Key Manager™ delivers a fully interoperable and scalable SSH key management solution. It allows you to save time and money by eliminating the complex, manual work required to manage enterprise SSH environments, by reducing the risk of unauthorized access from both internal and external actors, and by improving visibility and compliance.


Universal SSH Key Manager is the only SSH key management solution that goes beyond just discovery. It is designed to deliver effective secure shell key management, which involves three core capabilities:

  • Discovery: Seeing into your environment, understanding your trust relationships and identifying risks are the fundamental first steps in the key management process – but don’t stop there.
  • Management: The ability to act on the information you have discovered by creating, deploying, removing and rotating keys through a centralized solution is critical. In addition, you need the capability to restrict how a key is set up, who can use it and where it can be used. These key management capabilities truly drive the value of your key management implementation by reducing costs, ensuring compliance and improving your security posture.
  • Monitoring & Reporting: Managing secure shell keys is a big data challenge. In order to be effective you will need complete reporting on your environment. To make monitoring & reporting truly impactful, a deep audit trail of all actions taken, a centralized dashboard and integration into your information security architecture (SIEM) are necessary.

In addition, only SSH Communications Security is trusted by leading Fortune 500 global companies to safely remediate their secure shell access control issues without putting mission critical business operations at risk. As the original inventors of the SSH protocol, only SSH can deliver the technology and services necessary to enable better security and compliance in your encrypted secure shell environments.

SSH’s platform-based approach to overall secure shell management will enable you to not only manage keys but also scale to meet the needs of your entire secure shell environment’s lifecycle – from client/server deployments to access controls to privileged user monitoring and DLP capabilities. Only SSH’s Information Assurance Platform can deliver all of this to your Tectia SSH and OpenSSH environments.

Compare Universal SSH Key Manager to any other solution on the market:

| Capability | SSH | Other Solutions |
|---|---|---|
| Public & private key discovery | Yes | Yes |
| Key size | Yes | Yes |
| Key type | Yes | Yes |
| Passphrase existence | Yes | No |
| Key owner by user or user group | Yes | Yes |
| Trust relationship per host & host groups | Yes | No |
| Rogue keys | Yes | Yes |
| Orphaned keys | Yes | Yes |
| Unauthorized trust relationships | Yes | Yes |

| Capability | SSH | Other Solutions |
|---|---|---|
| Agentless operation available | Yes | No |
| Role-based access control | Yes | No |
| Host grouping | Yes | No |
| User/host authorization rules | Yes | No |
| LDAP user integration | Yes | No |
| Black list keys | Yes | No |
| Create new private and public keys | Yes | No |
| Deploy new public keys | Yes | No |
| Remove public keys | Yes | No |
| Rotate public keys | Yes | No |
| Manage one-to-one and one-to-many relationships | Yes | No |
| Define key size and algorithm | Yes | No |
| Restrict key usage by command type | Yes | No |
| Restrict trust relationship per source and destination | Yes | No |
| Integration into IT ticketing system | Yes | No |

Monitoring and Reporting

| Capability | SSH | Other Solutions |
|---|---|---|
| Key, host and user discovery reporting | Yes | Yes |
| Key creation/removal/rotation reporting | Yes | No |
| Out of policy alerts | Yes | No |
| Key activity monitoring | Yes | Limited |
| Deep audit trail | Yes | Limited |
| SIEM/log management integration | Yes | Limited |
| Export data to csv file | Yes | Yes |