Permanent PEM files are technical debt with a security fuse. CertLocker replaces them with time-limited, token-scoped SSH access — so you always know who has access to what, and you can revoke it in seconds.
Permanent SSH keys seem convenient. They are — until they aren't. Once a key is created and copied to a server, you've created an access credential with no natural expiry, no audit trail, and no easy way to revoke across many hosts.
Keys outlive employees
When someone leaves, which servers still have their key? You don't know without auditing every host manually.
Laptops get lost
A stolen laptop with an SSH key gives the attacker persistent access until you manually revoke from every server.
Keys get shared
"Just use my key for now" becomes permanent. The key is on 3 laptops and nobody remembers which servers it's authorized for.
A user or automated system requests SSH access to a specific target — scoped by environment, service, or hostname — with a defined TTL.
CertLocker issues a short-lived SSH certificate or token. No permanent key is created. The credential is valid for the specified duration only.
The connection routes through CertLocker's bastion layer, which validates the token and logs the session.
When the TTL runs out, the credential is invalid. No cleanup required. No lingering authorized_keys entry to audit later.
Issue tokens valid for 1 hour, 4 hours, or 24 hours. Match access duration to actual need, not convenience.
Tokens are scoped to specific hosts, environments, or service groups. No blanket access credentials.
Every connection logged: who connected, to what host, from which IP, at what time, for how long.
Revoke an active token immediately — no waiting for TTL. Useful when a laptop is reported lost or a session looks suspicious.
Optionally restrict token use to specific source IPs or CIDR ranges, an extra layer of defense for sensitive targets.
Works with standard OpenSSH — no agent installation on target hosts. Compatible with VMs, bare metal, Windows, and Linux.
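The workflow above (scoped request, short-lived certificate, expiry with no cleanup) and the features that follow it (TTL, host/principal scoping, immediate revocation, source-IP restriction, plain OpenSSH on the target) map onto standard OpenSSH certificate primitives. The script below is an added example, not CertLocker's code: it mints a throwaway CA and user key in a temp directory, issues a certificate for the constructed principal "deploy" with a 1-hour validity window and a source-address restriction, prints the fields an auditor would check, then revokes it through a key revocation list (KRL) of the kind sshd reads via `RevokedKeys`. The CA, user name, principal, serial numbers and the CIDR 10.0.0.0/8 are all constructed values.

```shell
#!/bin/sh
# Added example (not CertLocker code): the OpenSSH primitives behind
# short-lived, scoped SSH access. Everything lives in a temp directory;
# the CA, user key, principal "deploy" and 10.0.0.0/8 are constructed.
set -eu

WORK=$(mktemp -d)
CA="$WORK/user_ca"          # signing CA (kept offline in a real deployment)
USER_KEY="$WORK/alice"      # the user's key pair; only the cert is short-lived
KRL="$WORK/revoked_keys"    # key revocation list consulted by sshd

# One-time setup: CA key and a user key. -N '' means no passphrase (demo only).
make_keys() {
  ssh-keygen -q -t ed25519 -N '' -C 'demo-user-ca' -f "$CA"
  ssh-keygen -q -t ed25519 -N '' -C 'alice@laptop' -f "$USER_KEY"
}

# Issue a certificate scoped to one principal (server-side account or role),
# valid for $ttl (1h, 4h, 24h ...) with 5 minutes of clock-skew tolerance,
# optionally pinned to a source CIDR. The serial is what a KRL revokes later.
# Prints the path of the signed certificate.
issue_cert() {
  principal=$1; ttl=$2; serial=$3; cidr=${4:-}
  set -- -s "$CA" -I "alice:$principal:$serial" -n "$principal" \
         -V "-5m:+$ttl" -z "$serial"
  [ -n "$cidr" ] && set -- "$@" -O "source-address=$cidr"
  ssh-keygen -q "$@" "$USER_KEY.pub"          # writes $USER_KEY-cert.pub
  cp "$USER_KEY-cert.pub" "$WORK/cert-$serial.pub"
  echo "$WORK/cert-$serial.pub"
}

# The audit view of a certificate: key ID, serial, validity window,
# principals and critical options (such as source-address).
describe_cert() {
  ssh-keygen -L -f "$1"
}

# Immediate revocation, before the TTL elapses: record the certificate's
# serial (under this CA) in the KRL that sshd's RevokedKeys points at.
revoke_cert() {
  if [ -f "$KRL" ]; then
    ssh-keygen -q -k -u -f "$KRL" -s "$CA.pub" "$1"   # -u updates an existing KRL
  else
    ssh-keygen -q -k -f "$KRL" -s "$CA.pub" "$1"
  fi
}

# Returns 0 if the KRL marks the certificate revoked, 1 otherwise.
# A missing or unreadable KRL is treated as revoked (fail closed).
is_revoked() {
  if out=$(ssh-keygen -Q -f "$KRL" "$1" 2>&1) \
     && ! printf '%s\n' "$out" | grep -qi revoked; then
    return 1
  fi
  return 0
}

# Server side: the two standard sshd_config keywords the target host needs.
# No agent is installed; sshd trusts the CA and checks the KRL on every login.
write_sshd_snippet() {
  cat > "$WORK/certlocker.conf" <<EOF
TrustedUserCAKeys $CA.pub
RevokedKeys $KRL
EOF
  echo "$WORK/certlocker.conf"
}

demo() {
  make_keys
  CERT=$(issue_cert deploy 1h 42 10.0.0.0/8)
  describe_cert "$CERT"
  revoke_cert "$CERT"
  if is_revoked "$CERT"; then
    echo "certificate serial 42 rejected by KRL before its TTL expired"
  else
    echo "ERROR: revocation not recorded" >&2; exit 1
  fi
  cat "$(write_sshd_snippet)"
}

if command -v ssh-keygen >/dev/null 2>&1; then demo; fi
```

Two points the script makes concrete: the user key itself never changes and is never copied into authorized_keys, so there is nothing to clean up when the window closes; and revocation is a file (`RevokedKeys`) that sshd consults on each login, so distributing an updated KRL to hosts is what turns "revoke in seconds" into reality rather than waiting for the TTL.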
CertLocker manages TLS certificates and SSH access together — because they're both credential management problems. One dashboard. One audit log. One place to revoke anything.