Key Manager Plus » Features » SSH keys rotation

As keys proliferate, it gets harder for IT admins to keep track of the purpose of each existing key. As a result, they might refrain from rotating the keys whose status they are unsure of. If SSH keys remain static for a prolonged period, it only increases the chances for them to be compromised. Key Manager Plus bolsters the security of keys by auto-rotating them periodically.

Maintain consistent rotation cycles

Since SSH keys do not come with an expiry date, it is best practice to rotate them regularly to prevent misuse. Key Manager Plus enables systematic rotation of keys: You can perform on-demand rotation in a single click or schedule the keys to be rotated automatically on a recurrent basis.

Efficiently rotate numerous keys in groups

It is cumbersome to rotate thousands of keys and their accompanying passphrases manually. Key Manager Plus allows you to form multiple groups of keys and perform bulk rotation on them, helping you save time when a multitude of keys are involved. After every rotation, each private key is encrypted with a new passphrase.

Get notified about static keys

During each rotation, a new pair of private and public keys will be generated so the keys are renewed and maintained securely. The longer the keys are in existence without being rotated, the greater the threat they pose. Key Manager Plus has dedicated dashboard widgets to inform you about the keys that have not been rotated for a long time. It also allows you to configure the maximum number of days for a key to remain un-rotated, after which you will be promptly notified.

SSH key Rotation
Alert for unrotated keys