Access Control
Easily control access to any SSH enabled host with our simple to set up Access Policies where you set which users have auto approved access to the host, and which need approval from a select group of approvers.
EZSSH Overview
Zero Trust Endpoint SSH Management
EZSSH removes the need to manage, rotate and remove ssh keys for all your users from all your hosts. We remove the complexity by using SSH certificates behind the scenes while all the user sees is the familiar SSO experience using their AAD Identity. No more keys in engineers desktops waiting to be stolen by bad actors.
User Experience
Deploy in Seconds
EZSSH can be easily deployed by adding your access policy's own Certificate Authority key to the allowed SSH CAs (Each policy has a downloadable script that you can run in all your endpoints).
Password-less SSH
Users no longer have to manage different credentials for each endpoint, by using Single Sign-On, the hard work of creating and managing the certificates is magically secured by EZSSH.
Easily Connect to Azure
EZSSH was made to work with any SSH enable host but we have made it even easier to use with Azure. Follow our Azure setup guide to give access to our service principal and we will auto-deploy your policies to the VMs in the selected subscription. EZSSH is also able to see who has access to that subscription and give them access to the VM, no need to maintain a separate access control.
Easy to Audit Access
All access requests and approvals are logged and can be easily exported for your security team to analyze or to simplify compliance audits.
Multiple Connections at Once
With our Desktop tool, users can request and access multiple endpoints at once, either by using our interactive option or by inputting a CSV with the endpoints the user wants to connect to. EZSSH will get the appropriate certificates and initiate the connection to all the hosts.
GitHub Access Control
With GitHub removing password access for Git operations, what better time than now to improve your GitHub identity story and protect your users from SSH key compromise by moving to EZSSH, the fist SSH Certificate CA for GitHub.
Reduce Onboarding Time
Save hours of engineering productivity by no longer having developers register their SSH Keys in GitHub by switching to EZSSH. With EZSSH GitHub Single Sign-On we use your secure developer identity to authenticate your developers and issue a short-lived certificate. Reducing onboarding time, while also protecting the user key from being stolen due to mismanagement of the private key.
No More SSH Key Management
Following SSH Keys best practices is hard and failing to do it have caused many companies to have their source code compromised. Are your engineers keeping their SSH keys safe? Are they password protected? Have their shared/emailed/committed their private key by mistake? EZSSH removes all that complexity by hiding all the key management form the user and issuing time bound certificates.
Infrastructure Security
Password-less Infrastructure
All of infrastructure authenticates between micro-services with password-less technology. Protecting us from credential theft.
Secure HSM
CA keys are created for each policy and never leave the FIPS 140-2 Hardware Security Modules.
Bring Your Own CA
Control your CA keys and give EZSSH access to sign certificates. Contact us to learn more about this option.