In the absence of an automated mechanism to manage SSH keys, the SSH environment in the organization lacks visibility and control. Also, with the prevalent practices of using the same passphrases with all SSH keys, the compromise of a single key could expose many other vulnerabilities. Moreover, the network has to be constantly monitored, and controlled, to prevent further access violations, for which they require an automated system and the entire SSH network reconfigured.
If the situation is beyond repair with thousands of keys lying scattered, the easy way out is to wipe them out all and create fresh ones and properly manage them.
Key Manager Plus offers provision to maintain only its own SSH key deployments, removing the existing keys, thereby entirely redesigning the SSH network. This process can be used to remediate all access vulnerabilities, and get off to a clean, completely managed start.
Key Manager Plus can also be used to create and deploy new keys and leave the existing keys undisturbed. This way, it can work seamlessly with other SSH key deployments, without modifying the existing access provisions.
You can create a policy - whether you want to remove the existing keys and have a fresh, completely managed start or leave the existing keys undisturbed. Once the policy is set, Key Manager Plus will create and deploy new keys in accordance with it.