SSH Key Management

Traditional methods of SSH key management are very labor intensive, with many organizations not properly rotating their keys. As well, it is common practice for administrators to share keys. Between the lack of rotation and the sharing of keys, organizations lose accountability over their systems, which could lead to those systems being vulnerable to exploits.

BeyondTrust's Password Safe product provides a single, streamlined solution for managing all your privileged credentials--passwords, keys, and DevOps secrets. The solution greatly simplifies privileged credential management. Customers rely on Password Safe to secure the use of SSH keys for better control, accountability, and security over Unix and Linux systems. Password Safe adds security and simplifies the management of SSH keys by:

• Storing private keys like any other privileged credential
• Automatically rotating SSH keys according to a defined schedule
• Allowing designated 'secondary' accounts and SSH keys to be grouped to a 'primary' account to manage rotation interval, complexity, and duration of SSH keys
• Enforcing granular access control and workflow
• Alerting when a key is released
• Automatically logging users onto Unix or Linux systems through the proxy, with no user exposure
• Recording every privileged session with full playback and key usage auditing
• Offering failover to a managed password for complete redundancy
• Allowing SSH sessions to be easily established via your existing desktop tools without having to initiate with a web interface

SSH Key Management Account and System Level Settings - Screenshots