Do you know where your SSH keys are?
Request a DemoSecure, Zero-Knowledge SSH Key Management Software
SSH keys and other connection credentials are vital developer resources, but if they fall into the wrong hands, the results can be devastating to your organization. Exposing credentials via email, messaging systems or local key stores introduces risk.
Keeper provides protection for all of your SSH keys, digital certificates and other sensitive connection tokens. Keeper’s zero trust and zero-knowledge architecture means that your secrets, passwords and files are only accessible to authorized individuals.
Easy Deployment with No Additional Hardware Required
If a secrets management system is difficult to deploy and integrates poorly with your existing tech stack, it’s dead in the water. Even the most secure system in the world is useless if it’s not simple to deploy and easy to use.
Utilizing Keeper Secrets Manager, teams can create dynamic programmatic access to their secrets credentials in their current build systems, without having to purchase new hardware or agent software. Keeper is cloud-native, and Keeper Secrets Manager has pre-built integrations with industry leading tools, making it easy to plug Keeper Secrets Manager right into existing technology stacks, with no additional appliances or hardware needed. Keeper Secrets Manager is backed by Keeper’s zero-knowledge, zero-trust architecture, so you are assured that it provides the highest level of security.
Securely Share SSH Keys with Your Team
When it comes to sensitive credentials, it can be difficult to strike the right balance between sharing and security. Your SSH keys need to be easily available to the people who need them, but they also need to be kept away from unauthorized users.
Luckily, Keeper makes this easy, with robust sharing features and auditing capability. Keeper allows full administrative control of SSH keys and other credentials while allowing secrets to be shared with individuals and teams. You have fine-grained control over each individual and team’s ability to see, edit or share credentials.
Keeper’s auditing and reporting tools also allow you to see what was done with each record containing sensitive credentials. Any time a secret is accessed, used, shared or edited, the event is logged and administrators can report on and audit it.
Understand Usage of SSH Keys to Achieve Compliance
Using SSH keys and other credentials in a secure way is challenging. Transporting keys across a network or between users introduces risk. Users of these credentials need to keep many secrets organized and safe.
Keeper’s auditing and reporting tools give administrators fine-grained visibility over the usage, sharing, and modification of keys and credentials. Administrators can set alerts and be notified whenever credentials are used, edited, or shared. They can also create detailed compliance and audit reports and maintain compliance throughout the lifecycle of the organization’s SSH keys and credentials.
Programmatic Access for Engineers and DevOps Teams
Hard-coded credentials, secrets sprawl and ungoverned key access all create risk for organizations – and slow down development.
Keeper Secrets Manager’s SDKs and integrations allow you to safely use SSH keys, digital certificates and other secret credentials directly within code or in the most popular DevOps tools. Keeper Secrets Manager dynamically retrieves credentials from the Keeper Vault using secure Elliptic Curve and AES-256 encryption.
Keeper Secrets Manager integrates directly with your existing build processes, with prebuilt plugins in the most popular platforms. Developers can also use the Secrets Manager SDKs to access secrets directly from code.
Programmatic Access for the Rest of the Organization
Engineering isn’t the only team that can benefit from SSH connections. Non-technical users often struggle to use SSH keys effectively and securely. Keeper allows you to take advantage of the security and speed of SSH connections with the simplicity of a full-featured connections manager.
Keeper Connection Manager provides an easy-to-use interface for accessing connections from right within a browser window. Connections are easy to configure and can even be pulled directly from the Keeper Vault with the Secrets Manager integration. Users can access machines via SSH and other protocols without ever accessing the actual credentials, making it easy for non-technical users and secure for the organization.
SSH Access for Third Parties
SSH Connections are powerful tools and can be risky in the wrong hands. Sometimes, organizations need to give limited, timed access to vendors, contractors or employees.
Keeper Connection Manager enables IT administrators to provide the right access levels to the right people. Access can be limited or revoked at a per-user basis. Because connection details are not seen by users, a former user can no longer access your machines by copying the connection credentials. Limited-time, shared connection sessions allow users to share a connection for short-term use.
Keeper Connection Manager also provides session recording and playback. Monitor and audit the actions taken by users while they’re connected to your machines. SSH connection session recordings can be visual or text-only, making it easy to search for specific commands.
Complete Lifecycle Management of SSH Keys
The lifecycle of a SSH key can turn into a confusing mess. Keeping active keys organized, rotating keys, and deactivating old keys is a time-consuming practice. In today’s fast-paced organizations, it’s easy to miss a step, leading to reduced security.
Keeper can help manage the complete lifecycle of SSH keys and other credentials. Use Keeper’s developer tools to automate necessary steps. Keeper Secrets Manager can place new SSH keys directly into the Keeper Vault to be utilized by individuals or across teams. The Keeper Commander CLI can be configured to rotate SSH keys in the Vault. When a key in the Vault is updated, it is automatically picked up by Secrets Manager, Connection Manager, and other Keeper systems. When it’s time to retire a credential, removing it from the Vault will also ensure that it is not accessible in other systems.
Beyond removal of a key, Keeper provides fine-grained control of credentials access. SSH keys and secrets can be removed from specific Secrets Manager applications, or removed from Keeper Connection Manager. Robust sharing capability and Vault transfers ensure that even if a secret’s owner leaves the company, you won’t lose access to important credentials.
Easily Access your Remote Infrastructure Without Exposing SSH Credentials or Requiring a VPN.
SSH Key Management FAQs
What is SSH key management?
SSH key management refers to the process, policies and tools used to manage, secure and automate the entire SSH key lifecycle, from initial creation to deletion. This includes deploying keys to endpoints, launching remote sessions, rotating keys, managing key-user mappings and periodically deleting keys that are stale or no longer used.
What is an SSH key management tool?
An SSH key management tool helps IT admins automate the process of SSH key management and gain visibility into the SSH keys used throughout the enterprise data environment. SSH key management tools provide features such as initial discovery and consolidation of existing keys; trust relationship mapping; granular access controls; user monitoring and audit reports; and automation of SSH key creation, deployment, rotation and deletion.
What is SSH key rotation?
SSH key rotation is the process of periodically deleting SSH key-user associations and deploying fresh key pairs to prevent SSH key compromise and privilege abuse. Both authorized keys and identity keys must be rotated.
What is the best way to implement DevOps SSH key management?
The best way to implement DevOps SSH key management is to use a secure SSH key management tool, such as Keeper Secrets Manager. Keeper Secrets Manager stores and protects all of your SSH keys and other IT infrastructure secrets, creating dynamic programmatic access to your secrets in their existing build systems without requiring any additional hardware or agent software.
How secure is SSH?
SSH is a very secure way to protect privileged access to vital systems. However, as with any security technology, proper configuration and ongoing management are critical. For example, if SSH keys aren’t properly managed, they can be compromised.
